> -----Original Message-----
> > I don't actually think it's hysteria mate, do you want to see
> > a copy of my
> > IDS logs????
>
> Not really, no. They tend to be boring and full of kidz getting 404's.
:-) I did say IDS logs though, they filter out all the crap and only show me
the ISAPI Extension Overflow errors.....
> > There are a large number of attacks going on as
> > I write this
>
> Woo-wee - where have you been ? An ongoing scan of your system is
> a *FACT OF
> LIFE* for a system on the internet.
> My dial-up gateway at home gets scanned !
Tell me about it, then again, my server very rarely blocks anyone, so far
today it's implemented over 300 24 bans on various IP addresses in the last
12 hours..... That is unusual.....
> > and anyone running an unpatched/unprotected IIS server needs
> > to do something
> > about it asap.
>
> No, anyone running an unpatched/unprotected IIS server on a public network
> needs to fired, as their not doing their job. The patch was all
> over BugTraq
> et al. well before Code Red was released.
Agreed!
> But, if you look at the domains from which these scans originate,
> most have
> no reverse look-up, or are from ISP's like @home <shrug> and
> those are just
> the people who wont care, because Code Red version 2 is non destructive to
> the local machine.
Lot's of Chinese, Japanese, Koreans, Mexicans and a few US and EU academic
one's as well...... There are even some coming in as 0.0.0.0
I have had a few responses from some of the ones I thought would take
action, some very sheepish IISadmins out there :-)
We're averaging a new attempt every minute or so....
-= Ed
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
