New IIS worm
I know we don't care on linux, but I have reallly a lot of hits from
machine querying for the ..%%35c../winnt/system32/cmd.exe and Cie.
And it starts to make a lot of apache childs, and the global charge
grows consequently.
Is there a way to protect from that ?
Using an apache configuration trick ?
Or blacklisting and using some firewall rules behind ?
If anyone knows how to do, or has already done the script that kicks
these infected servers, it could interest me...
--
VALLIET Emmanuel ! http://www.webmotion.com
Webmotion Inc. ! mailto:emmanuel.valliet@webmotion.com
Famous last words - Jesus Christ: Father, beam me up.
Reply to: