Re: IIS worms and apache

To: Craig Dickson <crdic@pacbell.net>
Cc: "List, debian-user" <debian-user@lists.debian.org>
Subject: Re: IIS worms and apache
From: Gottfried Szing <gottfried@szing.at>
Date: Tue, 29 Oct 2002 18:43:58 +0100
Message-id: <[🔎] 3DBEC8DE.80204@szing.at>
References: <[🔎] 20021029154958.GH11290@ursine.dyndns.org> <[🔎] 20021029172944.GB10495@linux700.localnet>

Craig Dickson wrote:

Is there some apache module that will notice various IIS exploits in
real time, look up the proper contacts and report it to the
corresponding abuse contacts automagically?


In some circles, that would be too easily mistaken for a DDOS attack tool.

assuming that the "attacker" comes through a proxy this is really nice.everyone elseusing the proxy will be blocked. so this is the opposite of a a DDOSattack becausenot many people are attacking one host, but one host is blocking manypeople. a really

"nice" behaviour.

may i have the web host URL which is using this approach? just a joke :)))

but why is it useful to block such people from which the attack iscoming from? is

there really some reason for it?

cu

Reply to:

References:
- IIS worms and apache
  - From: Paul Johnson <baloo@ursine.dyndns.org>
- Re: IIS worms and apache
  - From: Craig Dickson <crdic@pacbell.net>

Prev by Date: sometimes the lilo boot menu does not show up unless one hits shift or something
Next by Date: 3.0: Booting From CD
Previous by thread: Re: IIS worms and apache
Next by thread: Q: Debian, fvwm, virtual desktops and howto place specific programs at startup
Index(es):
- Date
- Thread