19 Sep
2001
19 Sep
'01
1:53 a.m.
The worm hit Cryptome at 8:43 AM EST and is now sucking at a rate of about 90% of the load. As others have noted, the bulk of the hits appear to be coming from our own ISP, either by design or by spoofing the origin. Our server is on Apache but the worm generates endless errors attempting to find holes in IIS. Pervasive DDoS attacks are reportedly underway at gov sites. We are not seeing an unusual number of that type.