Date: Wed, 19 Sep 2001 08:28:00 -0300 From: "Mario de Oliveira Lobo Neto" <Mlobo@ear.com.br> To: Brett Glass <brett@lariat.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: NIMDA Virus Message-ID: <3BA8570F.8114.55B69A5@localhost> In-Reply-To: <4.3.2.7.2.20010918153412.0493bc10@localhost> References: <F143IQrttDRdNOUivlQ00013ed8@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 18 Sep 2001, at 15:39, Brett Glass wrote: > We just put a log monitor on the Apache server, and are firewalling anything > that sends a request with "cmd.exe" in it. Quite effective. > > --Brett Brett; Forgive my ignorance, but when you say "firewalling", you mean in Apache or in ipfw? if you mean ipfw, how did you build the ipfw rule to reject those "GET cmd.exe" ? They are not causing any harm to our novell enterprise server but the logs are growing fast. Thanks, Mario Lobo - *** Mario Lobo - mlobo@ear.com.br *** American School of Recife To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BA8570F.8114.55B69A5>