Test Center ThreatWatch: Oct 1

Spam Watch 9/28-9/30

The month of September ended with total mail volumes on par with the average daily expected. Blatant spam volumes -- messages that are flagged as "high" -- declined 52 percent, but the borderline messages -- flagged as "medium" -- remained the same.

Blocked connections inched up to 88.7 percent and spam stayed at 10.8 percent yesterday. However, the amount of total spam yesterday is about half of what was received even a week ago.

The MyDoom worm made a reappearance Monday and Tuesday. All the viruses and Trojans that the filters trapped in the past few days were all low-level threats.

This worm was the first high-level one to reach the server. Test Center will keep an eye to see if this is a precursor to another big attack. The most active relay was based in Ukraine.

Attack Watch 9/29-9/30 All's quiet on the honeypot front. Logfiles report a few sniff attempts over TCP from Beijing IP adresses. Also reported, some activity against SSH ports from an untraceable domain, "bbhyd.sify.net". Some of the usual activity, scans against native IIS and some SQL login attempts from IP addresses that trace back to Asia.