From owner-freebsd-questions Fri Aug 24 10:51:56 2001 Delivered-To: freebsd-questions@freebsd.org Received: from ns.shellworld.net (ns.shellworld.net [64.29.16.176]) by hub.freebsd.org (Postfix) with ESMTP id 6A41137B427 for ; Fri, 24 Aug 2001 10:51:42 -0700 (PDT) (envelope-from tforrest@ns.shellworld.net) Received: from localhost (tforrest@localhost) by ns.shellworld.net (8.9.3/8.9.3) with ESMTP id NAA21011 for ; Fri, 24 Aug 2001 13:51:41 -0400 Date: Fri, 24 Aug 2001 12:51:41 -0500 (CDT) From: Tommy Forrest - KE4PYM To: Subject: Re: Reporting Code Red attempts In-Reply-To: <20010824131218.A42700@acadia.ne.mediaone.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG You can report Code-Red attempts to redalert@dshield.org. They're doing a pretty big effort over there to contact owners of the IP addys that are spreading this mess. Sometimes abuse@whereever doesnt always work. They'll do the work and tracking for you. On Fri, 24 Aug 2001, Louis LeBlanc wrote: > On 08/22/01 10:32 PM, ScaryG sat at the `puter and typed: > > |O|>The funny codered hit was when Netscape.com got it. It seems that = they > > |O|>inherited some IIS servers because of a buyout and hadn't > > |O|>gotten around to > > |O|>switching over to Netscape Enterprise yet :) > > > > lol > > > > I live in Ontario, Canada and use the Bell High Speed Edition (DSL) > > network. > > > > Since about 4pm today (it's now 10:30pm) the Apache::CodeRed has respo= nded > > to at least 60 CodeRed probes on my web server, and has also noticed > > repeated probes (and ignored them). > > > > This apache module does a good job of emailing the offending system on= ce > > every 24 hours. It's worth a look for those that wanna try and help kno= ck > > this thing down. Can be found at http://www.cpan.org, just search for > > Apache::CodeRed > > > > -gf. > > I installed Apache::CodeRed a few days ago. Looks like things have > tapered off. Anyway, I really like the handling. The only thing I > would suggest as an addition is the ability to CC > abuse@ so they can bug those whose mail bounces (like > the many Win2k/cable modem systems that have no associated postmaster > or admin address). Possibly it does get thru to someone anyway, but > just to be sure . . . > > Anyway, thanks for the suggestion! And thanks to the Author and > contributors! > > Lou > -- > Louis LeBlanc leblanc@acadia.ne.mediaone.net > Fully Funded Hobbyist, KeySlapper Extrordinaire :) > http://acadia.ne.mediaone.net =D4=BF=D4=AC > > One can't proceed from the informal to the formal by formal means. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > Email - tforrest@shellworld.net - Tommy - KE4PYM www.shellworld.net/~tforrest To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message