yes but download the patch to be safe
http://www.microsoft.com/technet/security/bulletin/MS01-033.asp
-----Original Message-----
From: admin [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 19, 2001 5:17 PM
To: CF-Talk
Subject: Re: IIS and the Code Red Worm
at least blackics is seeing it and "hopefully" stopping it
Richard
----- Original Message -----
From: "Daryl Fullerton" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Thursday, July 19, 2001 12:27 PM
Subject: IIS and the Code Red Worm
> Hi guys thought you all should be made aware of this .....most of you
> probably do know.
>
> But just in case you are encountering server trouble on IIS 4
>
> The code red worm is causing havok with IIS and stoping IIIS 4
>
> see below
>
> Cheers
>
> D
>
>
>
>
> Thanks -- that's what I was afraid of.
>
> We have 3 servers it is happening on right now, and
> We had the patch installed, but are manually removing the ida and idq
> entries.
>
> Thanks!
> Tim P.
>
>
> ----- Original Message -----
> From: "Leon Oosterwijk" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, July 19, 2001 1:45 PM
> Subject: RE: IIS 4 Stopping Unexpectedly
>
>
> Tim,
>
> I could not on my first round of investigations find anything unusual.
> The
> inbound/outbound traffic on the machine did not jump significantly. the
> Processor did not see any big jumps of activity, memory levels, all
> normal.
> There was a large amount of TCP/IP sockets open, but that seemed normal
> due
> to the volume of websites hosted. In other words, No. :(
>
> Leon
>
>
> -----Original Message-----
> From: Tim Painter [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, July 19, 2001 12:38 PM
> To: [EMAIL PROTECTED]
> Subject: Re: IIS 4 Stopping Unexpectedly
>
>
> Leon,
> We are running into something like this right now. Is there any way to
> tell
> if in fact that is what is happening on the machine?
>
> Tim P.
> ----- Original Message -----
> From: "Leon Oosterwijk" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, July 19, 2001 1:29 PM
> Subject: RE: IIS 4 Stopping Unexpectedly
>
>
> I've noticed this on our IIS4 machine. I installed the latest microsoft
> patch:
> http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
> ity/
> bulletin/MS01-033.asp
>
> This seems to have fixed it. (After repeated reboots)
>
> You might want to download and install the similar patch for your IIS
> System. This patch seems to prevent the "Code Red" worm or other
> exploits
> from harming your system. The behavious that I experienced in not
> consistent
> with the "Code Red" worm, but it is possible that there are other worms
> out
> there making use of the same security hole.
>
> I realize that this message might be off-post, but any feedback people
> have
> on this would be welcome on: [EMAIL PROTECTED]
>
> Regards,
> Leon Oosterwijk
> ISDN-NET Inc.
> www.isdn.net
>
>
> -----Original Message-----
> From: Troy Allen [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, July 19, 2001 12:11 PM
> To: [EMAIL PROTECTED]
> Subject: IIS 4 Stopping Unexpectedly
>
>
> I have IIS 4 running on NT 4 SP 6a. It is a dual Pentium III
> 800 MHz server with a Gig of RAM. I have installed all of
> the latest IIS patches.
>
> Starting yesterday, the IIS stopped running all on its own.
> When there is ANY kind of unexpected service stoppage (Dr
> Watson, etc.) on this server, I get an email from the Compaq
> Insight Monitors. But that is not happening. It is as if
> someone is actually stopping the inetinfo process in the
> Services control panel. I am watching the server when it
> happens, and no one is logging into the server when it
> happens.
>
> The stoppage frequency has steadily increased from hours
> apart to mere seconds.
>
> Anyone seen this before? I have searched all over the net,
> including BugTraq, MS, Allaire, and all the major search
> engines to no avail. I am running a complete Virus scan, but
> it has not found anything.
>
> Any ideas would be greatly appreciated.
>
> Troy
>
> --
> "What Boots Up, Must Come Down."
>
> ____________________
>
> Troy L. Allen, Sr.
> Chief Technology Officer
> The MAXXIS Group, Inc.
> ____________________
>
>
> ------------------------------------------------------------------------
> ----
> ----
> Control your subscriptions to ACFUG lists via the ACFUG website at
> www.acfug.org.
> ------------------------------------------------------------------------
> ----
> ----
> Control your subscriptions to ACFUG lists via the ACFUG website at
> www.acfug.org.
>
>
> ------------------------------------------------------------------------
> ----
> ----
> Control your subscriptions to ACFUG lists via the ACFUG website at
> www.acfug.org.
> ------------------------------------------------------------------------
> ----
> ----
> Control your subscriptions to ACFUG lists via the ACFUG website at
> www.acfug.org.
>
>
> ------------------------------------------------------------------------
> --------
> Control your subscriptions to ACFUG lists via the ACFUG website at
> www.acfug.org.
>
>
> Daryl Fullerton,
> Managing Partner,
> BizNet Solutions,
> Allaire Premier Partner (Ireland)
> 133 - 137 Lisburn Road
> Belfast
> BT9 7AG
> N.Ireland
>
> Direct +44 (0) 28 9022 7888
> Tel +44 (0) 028 9022 3224
> Fax +44 (0) 028 9022 3223
>
>
> [EMAIL PROTECTED]
> Http://www.BizNet-Solutions.com
>
> [EMAIL PROTECTED] (Chairman)
> Http://www.cfug.ie The Irish Cold Fusion User Group
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
