[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

New IIS worm

I know we don't care on linux, but I have reallly a lot of hits from
machine querying for the ..%%35c../winnt/system32/cmd.exe and Cie.
And it starts to make a lot of apache childs, and the global charge
grows consequently.
Is there a way to protect from that ?
Using an apache configuration trick ?
Or blacklisting and using some firewall rules behind ?
If anyone knows how to do, or has already done the script that kicks
these infected servers, it could interest me...

VALLIET Emmanuel       !   http://www.webmotion.com
Webmotion Inc.         !   mailto:emmanuel.valliet@webmotion.com
Famous last words - Jesus Christ: Father, beam me up.

Reply to: