Date: Wed, 19 Sep 2001 16:52:11 -0600 From: Colin Faber <cfaber@fpsn.net> Cc: security@FreeBSD.ORG Subject: Re: NIMDA Virus (OT) Message-ID: <3BA9219B.772E33D5@fpsn.net> References: <3BA9C911.18530.49BAA5C@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Fyi, in case anyone hasn't noticed, Microsoft's Frontpage site `http://www.microsoft.com/frontpage has been infected. wget -q http://www.microsoft.com/frontpage; tail index.html (assuming it hasn't been fixed yet) rshea@opendoor.co.nz wrote: > > > We just put a log monitor on the Apache server, and are firewalling > > anything that sends a request with "cmd.exe" in it. Quite effective. > > I'd like to do this too. I use IPFW. Can anyone point me at a 'how-to' ? I > thought IPFW rules could only be based on IP address or service type ? > > thanks > > richard shea. > > ***************************************************** > Open Door Ltd > PO Box 119-46 > Wellington, NZ > > PH +64 4 384 7639 > FX +64 4 384 7672 > ***************************************************** > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BA9219B.772E33D5>