On Sunday, August 10, 2003, at 07:45 PM, Mark Henderson wrote:
hello again ,Here are the commands I use in my analog.cfg to ignore these types of log entries:
it's been established that the reason for all the miscellaneous xxx's in our server logfiles are code red attacks on default.ida. However, security on the server is well up to date, and there are no virus infections. The problem is the attacks keep coming from random IPs, and are consistently screwing up the traffic reports on each of the hosted domains. Is there any solution to this problem, or is it too late? Without traffic figures on each of these domains, I cannot give an accurate report to the billing department for charging. All help greatly appreciated.
FILEEXCLUDE *cmd.exe* FILEEXCLUDE *MSADC* FILEEXCLUDE *msadc* FILEEXCLUDE *_vti_bin* FILEEXCLUDE *_mem_bin* FILEEXCLUDE */c FILEEXCLUDE */d FILEEXCLUDE */scripts FILEEXCLUDE *FormMail.pl FILEEXCLUDE */c+dir FILEEXCLUDE *default.ida*
Sincerely, W. Jeffrey Rankin Lead Web Application Developer
O'NEIL & ASSOCIATES, INC. <http://www.oneil.com> 495 Byers Rd. Miamisburg, Ohio 45342-3662 Phone: (937) 865-0800 ext. 3504 Fax: (937) 865-5858 E-mail: [EMAIL PROTECTED]
+------------------------------------------------------------------------ | TO UNSUBSCRIBE from this list: | http://lists.isite.net/listgate/analog-help/unsubscribe.html | | Digest version: http://lists.isite.net/listgate/analog-help-digest/ | Usenet version: news://news.gmane.org/gmane.comp.web.analog.general | List archives: http://www.analog.cx/docs/mailing.html#listarchives +------------------------------------------------------------------------