2 Aug
2001
2 Aug
'01
18:48
My linux box here runs with a packet filter, but has an open port 80 which I need for work. It was attacked 9 times on the 19th July and 35 times in the last day. The figures for the NT box were 24 times on 19th July, and 28 times during the last day. For anyone wanting to check their own weblogs, an attack is characterised by a request for /default.ida with a very long query string.
Most amusing, thanks for the info. Ours has had 59 probes, including 27 on 2nd August. Looks as if it's still in the wild, but as the infected servers are so easy to identify I expect they'll get fixed before long. -- Christopher Dawkins, Felsted School, Dunmow, Essex CM6 3JG 01371-820527 or 07798 636725 cchd@felsted.essex.sch.uk