>Slightly off topic but I know alot of us are running IIS 5. This hit 5 of
>our servers this am....
>http://www.eeye.com/html/Research/Advisories/AL20010717.html
>http://support.microsoft.com/support/kb/articles/q300/9/72.asp?id=300972&SD=
I strongly urge everyone to check their web server(s) for this (it has
infected about 200,000 servers already). We have our own web server that
we are developing for our new DNS Report, and have already seen 10 attempts
to infect our server. Fortunately, we weren't among the "Early IPs", and
have our own web server so it isn't vulnerable to IIS attacks.
You can check your logs for "GET /default.ida?NNNN" (there's lots more
after that). If you see it, you've likely been hit (although you may or
may not be infected).
-Scott
Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for
IMail. http://www.declude.com
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
