[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] [RaQ4] The main web server appears to be down

Subject: RE: [cobalt-users] [RaQ4] The main web server appears to be down
From: Graeme Fowler <graeme.fowler@xxxxxxxxxxxxxx>
Date: Wed Sep 12 00:41:49 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Erik wrote:

> Just some extra info from the access.log
> We found a lot of messages like this;
> 
> www.domain.com 193.98.32.211 - - [10/Sep/2001:07:53:30 +0200] "GET
> /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
<snip>

It's a machine infected with CodeRed vII attempting to connect to port 80 on
your machine and pump the shellcode into it. Since your machine is a RaQ
running Apache it's nothing to worry about.

Graeme
-- 
Graeme Fowler
System Administrator
Host Europe Group PLC

Follow-Ups:
- RE: [cobalt-users] [RaQ4] The main web server appears to be down
  - From: support

Prev by Date: Re: [cobalt-users] [RaQ4] The main web server appears to be down
Next by Date: RE: [cobalt-users] Re: OT: Hope your guys are all ok
Previous by thread: RE: [cobalt-users] [RaQ4] The main web server appears to be down
Next by thread: RE: [cobalt-users] [RaQ4] The main web server appears to be down

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index