[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] Code Red
- Subject: [cobalt-users] Code Red
- From: Jason Vaughan <cobaltlist@xxxxxxxxxxx>
- Date: Thu Aug 9 03:57:05 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
There have been frequent threads about Code Red and even a few
scripts to check how many times it has attacked.
Here is a challenge for any top scripters out there...
Write a script which monitors the access log and if it sees tell tale
signs (e.g requests for .ida) it then blocks that IP address, using
IPCHAINS or similar.
I don't even know if this would help but if the Code Red could not
even see the server, would it not just go away and bother someone
else?
Even better would be to log the IP address, do a dig on the results
and send an abusive message to the administrator of the site it
resolves to (if available) or the admin for the IP block.
Jason Vaughan
Netergy.com
--
---------------------------------------------
Jason Vaughan
Netergy.com Limited
Studio 1B, 101 Farm Lane, London SW6 1QJ
T: 020 7610 1010 - F: 020 7610 1551
http://www.netergy.com
http://www.anynames.com
---------------------------------------------
IMPORTANT LEGAL NOTICE:
This e-mail is strictly confidential and is intended solely for the
person or organisation to whom it is addressed. It may contain
privileged and confidential information and if you are not the
intended recipient, you must not copy, distribute or take any action
in reliance on it. If you have received this communication in error,
please advise us by e-mail and delete the file from your system.
If you contact us by e-mail, we will store your name and address to
facilitate communications.