[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
On Saturday 12 January 2002 8:08 pm, you wrote:
Speaking of viruses, Nimda/code red etc are really beginning to get on my nerves. These damn people who run IIS and don't patch it are driving my web logs crazy. My var partition isn't massive and it's come close to filling up on a few occaisions - obviously this would have cripple my server.
Can you re-direct the logs to another machine?
question: As these viruses are requesting something from my web server, if my sever served say a file called nimba.ida would I be right in saying that this would be perfectly legal.
Why not. Make sure it has no payload or consequences other than the file size and see what happens. That way you would reduce the impact on the web logs? I'm assuming it's 404 reports for this file that are bulking out the error.log? I've noticed favicon.ico making a similar dent and when the majority of the error.log is 404 favicon.ico, it's time to think about a dummy file. (I noticed one website that used the Netscape logo for favicon.ico - nice touch.)
I have a script (untested at present) which would cause a popup window on IIS servers saying that they had a virus.
Traceable to you? If not, OK, but would they take any notice?
I know that code red leaves a huge backdoor on systems that it's infected and I'm starting to get to the point where I'll take advantage of it and start leaving some nasty messages for incompetent administrators.
Nasty. Don't let your frustration get the better of you. For one thing it may not be worth it, after all, are they going to take any notice of an effect on someone else's server? Not My Problem syndrome? Yes, I know it actually is, but that's the point, they are oblivious to the real problem and have already had numerous people telling them that they are oblivious to the real problem. Will one more voice change their minds? -- Neil Williams ============= http://www.codehelp.co.uk neil@xxxxxxxxxxxxxx linux@xxxxxxxxxxxxxx neil@xxxxxxxxxxxx -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.