Thanks John,
I knew they were there somewhere just couldn't find them.
Jeff
----- Original Message -----
From: "John Fix 3rd" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Thursday, July 19, 2001 6:58 PM
Subject: RE: IIS and the Code Red Worm
> Jeff,
>
> Open Internet Service Admin, then open the web service tree and right
> click on the root web server. Select Properties, then Home Directory
> and then click on Configuration.
>
> Hope this helps... Figured the CF list was too slow so emailed you
> directly. :-)
>
> John
> www.cornells.com
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, July 19, 2001 8:02 PM
> > To: CF-Talk
> > Subject: Re: IIS and the Code Red Worm
> >
> >
> > OK. I have slept since I unmapped the .htr extension. I think
> > that was on NT 4. Now I don't remember where to go to disable
> > these extensions..or if I ever knew. Anyway I'm installing
> > windows 2000 sp2 waiting for it to reboot at the moment.
> > Where are the ida, idq, htr hiding.
> >
> > I've been there before but I haven't been able to unearth them again.
> >
> > Jeff Craig
> >
> >
> > ----- Original Message -----
> > From: "Kelly Matthews" <[EMAIL PROTECTED]>
> > To: "CF-Talk" <[EMAIL PROTECTED]>
> > Sent: Thursday, July 19, 2001 4:57 PM
> > Subject: RE: IIS and the Code Red Worm
> >
> >
> > > yes but download the patch to be safe
> > > http://www.microsoft.com/technet/security/bulletin/MS01-033.asp
> > >
> > > -----Original Message-----
> > > From: admin [mailto:[EMAIL PROTECTED]]
> > > Sent: Thursday, July 19, 2001 5:17 PM
> > > To: CF-Talk
> > > Subject: Re: IIS and the Code Red Worm
> > >
> > >
> > > at least blackics is seeing it and "hopefully" stopping it
> > >
> > > Richard
> > > ----- Original Message -----
> > > From: "Daryl Fullerton" <[EMAIL PROTECTED]>
> > > To: "CF-Talk" <[EMAIL PROTECTED]>
> > > Sent: Thursday, July 19, 2001 12:27 PM
> > > Subject: IIS and the Code Red Worm
> > >
> > >
> > > > Hi guys thought you all should be made aware of this .....most of
> > > > you probably do know.
> > > >
> > > > But just in case you are encountering server trouble on IIS 4
> > > >
> > > > The code red worm is causing havok with IIS and stoping IIIS 4
> > > >
> > > > see below
> > > >
> > > > Cheers
> > > >
> > > > D
> > > >
> > > >
> > > >
> > > >
> > > > Thanks -- that's what I was afraid of.
> > > >
> > > > We have 3 servers it is happening on right now, and
> > > > We had the patch installed, but are manually removing the ida and
> > > > idq entries.
> > > >
> > > > Thanks!
> > > > Tim P.
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: "Leon Oosterwijk" <[EMAIL PROTECTED]>
> > > > To: <[EMAIL PROTECTED]>
> > > > Sent: Thursday, July 19, 2001 1:45 PM
> > > > Subject: RE: IIS 4 Stopping Unexpectedly
> > > >
> > > >
> > > > Tim,
> > > >
> > > > I could not on my first round of investigations find anything
> > > > unusual. The inbound/outbound traffic on the machine did not jump
> > > > significantly. the Processor did not see any big jumps of
> > activity,
> > > > memory levels, all normal.
> > > > There was a large amount of TCP/IP sockets open, but that
> > seemed normal
> > > > due
> > > > to the volume of websites hosted. In other words, No. :(
> > > >
> > > > Leon
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Tim Painter [mailto:[EMAIL PROTECTED]]
> > > > Sent: Thursday, July 19, 2001 12:38 PM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: Re: IIS 4 Stopping Unexpectedly
> > > >
> > > >
> > > > Leon,
> > > > We are running into something like this right now. Is
> > there any way
> > > > to tell if in fact that is what is happening on the machine?
> > > >
> > > > Tim P.
> > > > ----- Original Message -----
> > > > From: "Leon Oosterwijk" <[EMAIL PROTECTED]>
> > > > To: <[EMAIL PROTECTED]>
> > > > Sent: Thursday, July 19, 2001 1:29 PM
> > > > Subject: RE: IIS 4 Stopping Unexpectedly
> > > >
> > > >
> > > > I've noticed this on our IIS4 machine. I installed the latest
> > > > microsoft
> > > > patch:
> > > >
> > http://www.microsoft.com/technet/treeview/default.asp?url=/tec
> > hnet/secur
> > > > ity/
> > > > bulletin/MS01-033.asp
> > > >
> > > > This seems to have fixed it. (After repeated reboots)
> > > >
> > > > You might want to download and install the similar patch for your
> > > > IIS System. This patch seems to prevent the "Code Red"
> > worm or other
> > > > exploits from harming your system. The behavious that I
> > experienced
> > > > in not consistent
> > > > with the "Code Red" worm, but it is possible that there
> > are other worms
> > > > out
> > > > there making use of the same security hole.
> > > >
> > > > I realize that this message might be off-post, but any feedback
> > > > people have on this would be welcome on: [EMAIL PROTECTED]
> > > >
> > > > Regards,
> > > > Leon Oosterwijk
> > > > ISDN-NET Inc.
> > > > www.isdn.net
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Troy Allen [mailto:[EMAIL PROTECTED]]
> > > > Sent: Thursday, July 19, 2001 12:11 PM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: IIS 4 Stopping Unexpectedly
> > > >
> > > >
> > > > I have IIS 4 running on NT 4 SP 6a. It is a dual Pentium
> > III 800 MHz
> > > > server with a Gig of RAM. I have installed all of the latest IIS
> > > > patches.
> > > >
> > > > Starting yesterday, the IIS stopped running all on its own. When
> > > > there is ANY kind of unexpected service stoppage (Dr
> > Watson, etc.)
> > > > on this server, I get an email from the Compaq Insight
> > Monitors. But
> > > > that is not happening. It is as if someone is actually
> > stopping the
> > > > inetinfo process in the Services control panel. I am watching the
> > > > server when it happens, and no one is logging into the
> > server when
> > > > it happens.
> > > >
> > > > The stoppage frequency has steadily increased from hours apart to
> > > > mere seconds.
> > > >
> > > > Anyone seen this before? I have searched all over the
> > net, including
> > > > BugTraq, MS, Allaire, and all the major search engines to
> > no avail.
> > > > I am running a complete Virus scan, but it has not found anything.
> > > >
> > > > Any ideas would be greatly appreciated.
> > > >
> > > > Troy
> > > >
> > > > --
> > > > "What Boots Up, Must Come Down."
> > > >
> > > > ____________________
> > > >
> > > > Troy L. Allen, Sr.
> > > > Chief Technology Officer
> > > > The MAXXIS Group, Inc.
> > > > ____________________
> > > >
> > > >
> > > >
> > --------------------------------------------------------------------
> > > > ----
> > > > ----
> > > > ----
> > > > Control your subscriptions to ACFUG lists via the ACFUG website at
> > > > www.acfug.org.
> > > >
> > --------------------------------------------------------------
> > ----------
> > > > ----
> > > > ----
> > > > Control your subscriptions to ACFUG lists via the ACFUG website at
> > > > www.acfug.org.
> > > >
> > > >
> > > >
> > --------------------------------------------------------------------
> > > > ----
> > > > ----
> > > > ----
> > > > Control your subscriptions to ACFUG lists via the ACFUG website at
> > > > www.acfug.org.
> > > >
> > --------------------------------------------------------------
> > ----------
> > > > ----
> > > > ----
> > > > Control your subscriptions to ACFUG lists via the ACFUG website at
> > > > www.acfug.org.
> > > >
> > > >
> > > >
> > --------------------------------------------------------------------
> > > > ----
> > > > --------
> > > > Control your subscriptions to ACFUG lists via the ACFUG website at
> > > > www.acfug.org.
> > > >
> > > >
> > > > Daryl Fullerton,
> > > > Managing Partner,
> > > > BizNet Solutions,
> > > > Allaire Premier Partner (Ireland)
> > > > 133 - 137 Lisburn Road
> > > > Belfast
> > > > BT9 7AG
> > > > N.Ireland
> > > >
> > > > Direct +44 (0) 28 9022 7888
> > > > Tel +44 (0) 028 9022 3224
> > > > Fax +44 (0) 028 9022 3223
> > > >
> > > >
> > > > [EMAIL PROTECTED]
> > > > Http://www.BizNet-Solutions.com
> > > >
> > > > [EMAIL PROTECTED] (Chairman)
> > > > Http://www.cfug.ie The Irish Cold Fusion User Group
> > > >
> > > >
> > > >
> > >
> >
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
