On Fri, 21 Sep 2001 13:48:09 -0700, Bill Rausch wrote:
>
>My web sites, which generally have only a couple of real visitors a
>day to run a specific applications, have just been getting hammered
>by this stupid nimda and code red stuff. I'm running
Linux/Apache/PHP
>and have firewalls that filter everything except port 80 so I'm not
>worried about any local effects.
>
>What I've done as a public service is to run a "/missing.php" script
>that looks like:
>
><?php
>if( strpos( $HTTP_SERVER_VARS["REDIRECT_URL"], ".exe" ) > 0 )
> sleep( 300 );
>if( strpos( $HTTP_SERVER_VARS["REDIRECT_URL"], "default.ida" ) > 0 )
> sleep( 300 );
>header( "HTTP/1.0 404 Not Found" );
>echo "404 File Not Found: ";
>echo $HTTP_SERVER_VARS["REDIRECT_URL"];
>?>
>
>I felt that if nothing else I could slow the worm down a little by
>wasting its time before it races off to the next potential target.
>Does what I'm doing make any sense or am I all confused?
>--
> Bill Rausch, Software Development, Unix, Mac, Windows
> Numerical Applications, Inc. 509-943-0861 [EMAIL PROTECTED]
>
i think its a good idea.
here's a related story you might like:
http://www.wired.com/news/technology/0,1282,46964,00.html
--
Mark, [EMAIL PROTECTED] on 09/21/2001
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
