|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Code Red Hammering Away
Speaking of sharing experiances it is beating the crap out of our unix servers we install aplicatino firewalls on all the NT machines and there were patched anyway before the last one hit. But all the requestes to the port 80 is taking down the webserver and affecting the machine because of access logs. bummer. :( On Saturday 04 August 2001 16:24, you wrote: > Le (On) Sat, Aug 04, 2001 at 05:14:09PM -0400, Bob K ecrivit (wrote): > > > > 4:53:48pm|[email protected]:/home/melange> grep default.ida > > > > /var/log/httpd-access.log | grep XXXXX | wc -l 6 > > > > > > I've started seeing LOTS of XXXXX hits as of approx 1 hour ago. > > > 5 in one hour and counting... > > > > Just for reference, here's the logs of this new variant: > > Pretty interesting, maybe all nanog-post subscribers could share their > experience with this worm too. Especially if you've seen a lot of non-[XN] > alphanumerical chars. > > Sorry, but this worm caused more damages to mailing lists than anything > else, on the Internet. Looks more like a chain-letter... -- Advanced Hosting UNIX Admin | Daniel Fairchild [email protected] To rate my service or provide feedback, please visit the following URL: http://www.supportteam.net/rate.php3 Unix is like a wigwam -- no Gates, no Windows, and an Apache inside.
|