WEB IIS cmd exe requests - openSUSE Security - openSUSE Mailing Lists

newer
hacker attack ?

WEB IIS cmd exe requests

older
Re: [suse-security] WEB IIS cmd...

webmaster

19 Sep 2001 19 Sep '01

12:00

Hi list, May I ask you to write how that rejecting is with ipchains? Antal

Attachments:

attachment.htm (text/html — 461 bytes)

Reply

Sign in to reply online Use email software

Show replies by date

Boris Kantwerk

19 Sep 19 Sep

12:05

New subject: AW: [suse-security] WEB IIS cmd exe requests

Hi! I think you CAN'T. If you reject Port 80 requests, you reject ALL requests for your Webserver. Cheers, Boris. -----Ursprüngliche Nachricht----- Von: webmaster [mailto:webmaster@kreorg.hu] Gesendet: Mittwoch, 19. September 2001 14:01 An: suse-security@suse.com Betreff: [suse-security] WEB IIS cmd exe requests Hi list, May I ask you to write how that rejecting is with ipchains? Antal

Reply

Sign in to reply online Use email software

Boris Lorenz

12:39

New subject: [suse-security] WEB IIS cmd exe requests

Yup, On 19-Sep-01 webmaster wrote:

Hi list, May I ask you to write how that rejecting is with ipchains? Antal

you could use snort ( http://www.snort.org ) together with guardian ( http://home.golden.net/~elim/ ) to block IPs accessing cmd.exe/default.ida on your server. However, you will have an awful lot of blocked IPs if you�re going that way, given the widespread distribution of Code Red/II or nimda worms at the moment. Don�t do this if you�re running a firewall with a sub-Pentium CPU, e. g 486 DX4-100/66... ;) Boris Lorenz <bolo@lupa.de> ---

Reply

Sign in to reply online Use email software

8525

Age (days ago)

8525

Last active (days ago)

Download

2 comments

3 participants

tags

participants (3)

Boris Kantwerk
Boris Lorenz
webmaster