From owner-freebsd-stable Wed Sep 19 13:18:25 2001 Delivered-To: freebsd-stable@freebsd.org Received: from turtle.looksharp.net (cc360882-d.strhg1.mi.home.com [24.13.43.207]) by hub.freebsd.org (Postfix) with ESMTP id 594FF37B406 for ; Wed, 19 Sep 2001 13:18:23 -0700 (PDT) Received: by turtle.looksharp.net (Postfix, from userid 1003) id CF9493E23; Wed, 19 Sep 2001 16:19:04 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by turtle.looksharp.net (Postfix) with ESMTP id CC218BAAD; Wed, 19 Sep 2001 16:19:04 -0400 (EDT) Date: Wed, 19 Sep 2001 16:19:04 -0400 (EDT) From: "Brandon D. Valentine" To: David Taylor Cc: Subject: Re: virus ? In-Reply-To: <20010919203057.A56225@gattaca.yadt.co.uk> Message-ID: <20010919161754.E33443-100000@turtle.looksharp.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, 19 Sep 2001, David Taylor wrote: >On Wed, 19 Sep 2001, Shigeyuki Fukushima wrote: >> >> There is /var/log directory flood attack. ;p >> Therefore, NOT 0%. >> > >He may be dosed by that, but his machine would not be infected with a >virus. FWIW, when things like this pop up adding the offending lines to httpd.conf with a dontlog directive will ensure they don't fill up your logs. This is useful on production machines where you do monitor the logs and are afraid of missing potential attacks because they get lost in the noise. -- "Never put off until tomorrow what you can do today. There might be a law against it by that time." -- /usr/games/fortune, 07/30/2001 Brandon D. Valentine To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message