From owner-freebsd-questions Fri Aug 24 10:18:30 2001 Delivered-To: freebsd-questions@freebsd.org Received: from chmls06.mediaone.net (chmls06.mediaone.net [24.147.1.144]) by hub.freebsd.org (Postfix) with ESMTP id 592BB37B405 for ; Fri, 24 Aug 2001 10:18:24 -0700 (PDT) (envelope-from leblanc@smtp.ne.mediaone.net) Received: from canada.acadia.ne.mediaone.net (acadia.ne.mediaone.net [65.96.185.189]) by chmls06.mediaone.net (8.11.1/8.11.1) with ESMTP id f7OHIPm17182 for ; Fri, 24 Aug 2001 13:18:25 -0400 (EDT) Received: (from leblanc@localhost) by canada.acadia.ne.mediaone.net (8.11.5/8.11.5) id f7OHCIJ42783; Fri, 24 Aug 2001 13:12:18 -0400 (EDT) (envelope-from leblanc) Date: Fri, 24 Aug 2001 13:12:18 -0400 From: Louis LeBlanc To: freebsd-questions@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: Reporting Code Red attempts Message-ID: <20010824131218.A42700@acadia.ne.mediaone.net> Reply-To: freebsd-questions@FreeBSD.ORG Mail-Followup-To: freebsd-questions@FreeBSD.ORG References: Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.3.20i X-bright-idea: Lets abolish HTML mail! Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 08/22/01 10:32 PM, ScaryG sat at the `puter and typed: > |O|>The funny codered hit was when Netscape.com got it. It seems that they > |O|>inherited some IIS servers because of a buyout and hadn't > |O|>gotten around to > |O|>switching over to Netscape Enterprise yet :) > > lol > > I live in Ontario, Canada and use the Bell High Speed Edition (DSL) > network. > > Since about 4pm today (it's now 10:30pm) the Apache::CodeRed has responded > to at least 60 CodeRed probes on my web server, and has also noticed > repeated probes (and ignored them). > > This apache module does a good job of emailing the offending system once > every 24 hours. It's worth a look for those that wanna try and help knock > this thing down. Can be found at http://www.cpan.org, just search for > Apache::CodeRed > > -gf. I installed Apache::CodeRed a few days ago. Looks like things have tapered off. Anyway, I really like the handling. The only thing I would suggest as an addition is the ability to CC abuse@ so they can bug those whose mail bounces (like the many Win2k/cable modem systems that have no associated postmaster or admin address). Possibly it does get thru to someone anyway, but just to be sure . . . Anyway, thanks for the suggestion! And thanks to the Author and contributors! Lou -- Louis LeBlanc leblanc@acadia.ne.mediaone.net Fully Funded Hobbyist, KeySlapper Extrordinaire :) http://acadia.ne.mediaone.net ԿԬ One can't proceed from the informal to the formal by formal means. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message