[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] IIS Revenge ?

Subject: Re: [cobalt-users] IIS Revenge ?
From: "Gerald Waugh" <gerald@xxxxxxxxx>
Date: Sat Sep 22 16:21:39 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> I installed patch below and noticed that the IIS server actually does
> not redirect to itself.
> If you set the redirect to a web site URL you can monitor the logs on,
> there is no access to that site despite the redirect.  If anyone has
> information to the contrary please advise.  btw: I was curious and
> decided to test it with a real redirect when it seemed to make no
> difference in qty of attacks from the same servers.
>
>

CORRECTION between <VirtualHost> </VirtualHost>

> RedirectMatch (.*)\cmd.exe$ http://127.0.0.1
> RedirectMatch (.*)\default.ida$ http://127.0.0.1
> RedirectMatch (.*)\root.exe$ http://127.0.0.1
>

I never tested it, but it did drastically reduce the number of access I
received.
And, the people on the isp-linux list say it works.
I'll run some test myself and see if I can determine if it is working.
Gerald

References:
- RE: [cobalt-users] IIS Revenge ?
  - From: Michael Bonafede

Prev by Date: [cobalt-users] pmfirewall (was worm attack)
Next by Date: [cobalt-users] Root partition nearly full
Previous by thread: RE: [cobalt-users] IIS Revenge ?
Next by thread: RE: [cobalt-users] IIS Revenge ?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index