Code Red Hammering Away

• Previous message (by thread): Code Red Hammering Away
• Next message (by thread): Code Red Hammering Away
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Speaking of sharing experiances it is beating the crap out of our unix 
servers we install aplicatino firewalls on all the NT machines and there were 
patched anyway before the last one hit. But all the requestes to the port 80 
is taking down the webserver and affecting the machine because of access 
logs. 

bummer. :(


On Saturday 04 August 2001 16:24, you wrote:
> Le (On) Sat, Aug 04, 2001 at 05:14:09PM -0400, Bob K ecrivit (wrote):
> > > > 4:53:48pm|melange at host:/home/melange> grep default.ida
> > > > /var/log/httpd-access.log | grep XXXXX | wc -l 6
> > >
> > > I've started seeing LOTS of XXXXX hits as of approx 1 hour ago.
> > > 5 in one hour and counting...
> >
> > Just for reference, here's the logs of this new variant:
>
> Pretty interesting, maybe all nanog-post subscribers could share their
> experience with this worm too. Especially if you've seen a lot of non-[XN]
> alphanumerical chars.
>
> Sorry, but this worm caused more damages to mailing lists than anything
> else, on the Internet. Looks more like a chain-letter...

-- 
Advanced Hosting UNIX Admin | Daniel Fairchild danielf at supportteam.net 
To rate my service or provide feedback, please visit the following URL:
http://www.supportteam.net/rate.php3

Unix is like a wigwam -- no Gates, no Windows, and an Apache inside.

• Previous message (by thread): Code Red Hammering Away
• Next message (by thread): Code Red Hammering Away
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]