Snort mailing list archives
Re: RE: Cod Red HELP!!!!
From: s I n <sin () Aniela EU ORG>
Date: Wed, 8 Aug 2001 09:51:03 +0300 (EEST)
Ouch! Oh, well.... then you can settle with iptables. and try to limit de incmoing conections to your server to a specified amount per minute or per second. /me On Tue, 7 Aug 2001, Kyle R Maxwell wrote:
I'm not a Cisco export, but what yuo want is their CSS (content switch). Does lots of cool stuff, but it's *extremely* expensive (as in generally in the $200k+ range) so it's probably only within the reach of relatively large organizations. On Tue, 7 Aug 2001, s I n wrote:Yes, but the default www port is 80. If you run a big site and you don't want to be bothered by CodeRed Worm you just can't switch the default port. The no one will connect to the www server because, unless you specify this explictly, the web browser will try to make a conncetion to port 80 of the site. The best way to deal with it (in my opinion) is to have a firewall to filter out any connection request to port 80 of a server that contains the default.ida string, something like a Cisco router (someone on the list said it can do this).-- Kyle Maxwell kmaxwell () superpages com SuperPages.com Sys Admin
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Code Red and port 443 (was RE: Code Red HELP!!!!), (continued)
- Code Red and port 443 (was RE: Code Red HELP!!!!) George D. Nincehelser (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Carolyn Beckman (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Thierry Coopman (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Mike Johnson (Aug 08)
- Re: Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Marsiske Stefan (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Mike Johnson (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Erek Adams (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Jason Haar (Aug 08)
- RE: Cod Red HELP!!!! s I n (Aug 07)
- Re: RE: Cod Red HELP!!!! Kyle R Maxwell (Aug 07)
- Re: RE: Cod Red HELP!!!! s I n (Aug 08)
- Re: RE: Cod Red HELP!!!! Erek Adams (Aug 08)
- Re: RE: Cod Red HELP!!!! tibuq (Aug 08)
- Re: Cod Red HELP!!!! Advanced Hosting UNIX Admin Daniel Fairchild (Aug 10)