Snort mailing list archives
Re: Cod Red HELP!!!!
From: Lance Spitzner <lance () honeynet org>
Date: Tue, 7 Aug 2001 09:34:28 -0500 (CDT)
On Tue, 7 Aug 2001, Advanced Hosting UNIX Admin Daniel Fairchild wrote:
Hello TIA we are having issues with code red on our unix servers we have 508 IPs per server and the Code Red scanning is acting like a Massive DDoS on our unix machines we are getting all these requests for default.ida and we are trying to figure out how to block it does any one have any sugesstions.
You may want to look at HogWash, it could identify and drop the Code Red traffic. http://hogwash.sourceforge.net lance _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Cod Red HELP!!!! Advanced Hosting UNIX Admin Daniel Fairchild (Aug 07)
- Re: Cod Red HELP!!!! Ralf Hildebrandt (Aug 07)
- RE: Cod Red HELP!!!! Theo Zourzouvillys (Aug 07)
- Re: RE: Cod Red HELP!!!! Jed Haile (Aug 07)
- Re: Cod Red HELP!!!! s I n (Aug 07)
- Re: Cod Red HELP!!!! Lance Spitzner (Aug 07)
- <Possible follow-ups>
- RE: Cod Red HELP!!!! van Oosterom, Peter (Aug 07)
- Re: Cod Red HELP!!!! Ralf Hildebrandt (Aug 07)
- RE: Cod Red HELP!!!! Mark Spieth (Aug 07)
- Re: Cod Red HELP!!!! Ralf Hildebrandt (Aug 07)
- RE: Cod Red HELP!!!! Nigel Morse (Aug 07)
- RE: Cod Red HELP!!!! s I n (Aug 07)
- RE: Cod Red HELP!!!! Carolyn Beckman (Aug 07)
- Code Red and port 443 (was RE: Code Red HELP!!!!) George D. Nincehelser (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Carolyn Beckman (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Thierry Coopman (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Mike Johnson (Aug 08)
- RE: Cod Red HELP!!!! s I n (Aug 07)