Am 2004-08-08 15:32:51, schrieb Russell Coker: > On Sat, 7 Aug 2004 14:56, "Shannon R." <[EMAIL PROTECTED]> wrote: > > Is there a debian package wherein the app recognizes > > IIS worm attacks? Then blocks these IPs in real time? > > Why bother? They can't do any harm, and the bandwidth that they take is > usually a small portion of the total bandwidth. Why not just ignore them, > it's the easiest thing to do.
Allready tried webalyzer on a 10 MByte IIS-Worm infected LOG File... Forget it !!! I have redirected/aliased all requests to www.microsoft.com :-) This keeps my LogFiles clean... On some days I had on my Virtual WebServer @HOME (ADSL 128/1024) more then 50 MByte Logfiles with ISS-Worm and hash=xxx entries. Greetings Michelle -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSM LinuxMichi 0033/3/88452356 67100 Strasbourg/France IRC #Debian (irc.icq.com)
signature.pgp
Description: Digital signature
