--- Philip S Tellis philip.tellis@iname.com wrote:
The IP is either being spoofed or it's coming from six different places (I mean completely different - 206, 193, 194, 61, 63, 207). Also, it's been detected as the Red.ida worm, on bugtraq. All IIS versions are vulnerable, apache is not. It's most likely that these hits are coming from an infected machine, not from the originator.
Could it be a series of bot attacks from trojan'ed machines?
Krishnan
__________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail http://personal.mail.yahoo.com/