>My server is flooded with code red activity lately, I have patched this vuln
>but there is still alot of activity going on and it is hogging the server
>performance. The weblog is full of code red activity. How can I overcome this
>problem. Pls help ASAP.
There are 2 different problems you may have:
[1] The problem you seem to think you have is that your web server is
catching the Code Red virus, despite the patches. This is possible,
especially if you were already infected by the 2nd/3rd versions that aren't
just memory resident. The key is whether you installed the patch before or
after you were first hit by the 2nd/3rd versions.
[2] All the activity in the weblog is simply other servers trying to infect
you. That doesn't mean that you are infected (our server gets a lot of
those hits, but isn't infected, because we are running our own
webserver). The only thing you can do about that is block the attacks at a
firewall or router before they hit your server.
-Scott
---
Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for
IMail. http://www.declude.com
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
