Hi, What Hannes says is true. There are quite a few nimda infected computers out there that are connected to the internet via T-DSL, even some with ISDN. With "flatrates" getting affordable, people often have their PCs connected their PCs almost 24h to (e.g. for download or P2P). Also running a Webserver on such hosts isn't as uncommon as it used to be. peace, Tom Johannes Studt wrote:
On Friday 11 October 2002 13:28, mailinglists@belfin.ch wrote:
Who's sleeping here? This isn't neither nimda nor code red. This is a scan. it came from a dial up account. Nimda and Code red never came from dial up accounts. They always came from static IP addresses.
Why nimda or code red _must_ come from static ip addresses? Think of IIS installed on WinPCs which are 24/7 up and accessible via DynDNS names. Such systems are vulnerable too...
Hannes