North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Code Red Hammering Away
Yup Im seeing the XXXX's now. :(( Another round?? Michael... On Sat, 4 Aug 2001, Advanced Hosting UNIX Admin Daniel Fairchild wrote: > > Speaking of sharing experiances it is beating the crap out of our unix > servers we install aplicatino firewalls on all the NT machines and there were > patched anyway before the last one hit. But all the requestes to the port 80 > is taking down the webserver and affecting the machine because of access > logs. > > bummer. :( > > > On Saturday 04 August 2001 16:24, you wrote: > > Le (On) Sat, Aug 04, 2001 at 05:14:09PM -0400, Bob K ecrivit (wrote): > > > > > 4:53:48pm|[email protected]:/home/melange> grep default.ida > > > > > /var/log/httpd-access.log | grep XXXXX | wc -l 6 > > > > > > > > I've started seeing LOTS of XXXXX hits as of approx 1 hour ago. > > > > 5 in one hour and counting... > > > > > > Just for reference, here's the logs of this new variant: > > > > Pretty interesting, maybe all nanog-post subscribers could share their > > experience with this worm too. Especially if you've seen a lot of non-[XN] > > alphanumerical chars. > > > > Sorry, but this worm caused more damages to mailing lists than anything > > else, on the Internet. Looks more like a chain-letter... > > -- > Advanced Hosting UNIX Admin | Daniel Fairchild [email protected] > To rate my service or provide feedback, please visit the following URL: > http://www.supportteam.net/rate.php3 > > Unix is like a wigwam -- no Gates, no Windows, and an Apache inside. >
|