Am 2004-08-08 15:32:51, schrieb Russell Coker:
> On Sat, 7 Aug 2004 14:56, "Shannon R." <shannon_mtbikes@yahoo.com> wrote:
> > Is there a debian package wherein the app recognizes
> > IIS worm attacks? Then blocks these IPs in real time?
>
> Why bother? They can't do any harm, and the bandwidth that they take is
> usually a small portion of the total bandwidth. Why not just ignore them,
> it's the easiest thing to do.
Allready tried webalyzer on a 10 MByte IIS-Worm infected LOG File...
Forget it !!!
I have redirected/aliased all requests to www.microsoft.com :-)
This keeps my LogFiles clean...
On some days I had on my Virtual WebServer @HOME (ADSL 128/1024)
more then 50 MByte Logfiles with ISS-Worm and hash=xxx entries.
Greetings
Michelle
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
Michelle Konzack Apt. 917 ICQ #328449886
50, rue de Soultz MSM LinuxMichi
0033/3/88452356 67100 Strasbourg/France IRC #Debian (irc.icq.com)
Attachment:
signature.pgp
Description: Digital signature