As a follow-on to my earlier, rather whimsical message, I've managed to get
IIS5 to recognize a custom file with an .asp extension as being associated
with a 404 event, but thats it. The thing just displays as raw text, as if
its a plain text dump to the screen. Can't seem to figure out how to get
past this. Any help would be greatly appreciated. I'm sure if I worked in
.asp at all this would be a lot easier to figure out.
Thx,
--Matt--
---------- Original Message ----------------------------------
From: "Brian Goldman" <[EMAIL PROTECTED]>
Date: Tue, 25 Sep 2001 13:59:41 -0700
>Hey Ron,
>How do you set up this file as a 404 page? 404 pages have to be html and
>asp is not allowed, isn't that correct.
>
>Thanks
>Brian
>
>
>-----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]] On Behalf Of Ron Hornbaker
>Sent: Tuesday, September 25, 2001 9:16 AM
>To: [EMAIL PROTECTED]
>Subject: RE: [IMail Forum] Boomerang/Judo code (was: Virus Attacks)
>
>
>That's our code, if anyone has any questions about it. I posted it to a
>couple of lists yesterday, after Len posted an Apache version and gave
>me the idea. Looks like it's made the rounds and had its owner's name
>stripped from it and it's name changed from 404Judo.asp, but otherwise
>it's good. Boomerang indeed.
>
>Note that since you're turning the request back onto an infected server,
>the http GET should have access to its own cmd.exe file. You know, just
>in case you want to assist in their anti-viral efforts by re-formatting
>their C drive for them. ;) Please don't ask me how to do that.
>
>
>
>Ron Hornbaker
>President/CTO
> . . . . . . . . . . . . <http://humankindsystems.com/>
>http://humankindsystems.com
> . . . . . . . . . . . . w e c o d e. w e c a r e.
>
> . Come say Hi to us at ISPCON in Las Vegas, October 9-11, booth
>#3620!
> .
><http://www.ispcon.com/fall2001/attend-exhibitordetail.asp?X_ID=1792>
>http://www.ispcon.com/fall2001/attend-exhibitordetail.asp?X_ID=1792
> . <http://answertrack.com/> http://AnswerTrack.com - eCRM email
>tracking solution
> . <http://killerwebmail.com/> http://KillerWebMail.com - the name
>says it all
> . <http://hksi.net/products> http://hksi.net/products - EZSignUp,
>You'veGotIMail!, etc...
> . <http://hksi.net/testimonials> http://hksi.net/testimonials -
>1,666 admins can't be wrong
>
>
>
>
>-----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]On Behalf Of Ken Anderson
>Sent: Tuesday, September 25, 2001 8:04 AM
>To: Imail; Tim
>Subject: Re: [IMail Forum] Virus Attacks
>
>
>Tim, A friend sent me this file snd said that it is a asp script that
>you can load on your IIS server and when a server tries to code red you
>it will send packets back to the server that is trying to attack you and
>after about 10 packets it shuts down there IIS services. I have not
>looked at it yet but came from a close friend.
>
>> --- Original Message ---
>> From: "Tim" <[EMAIL PROTECTED]>
>> To: "Imail" <[EMAIL PROTECTED]>
>> Date: Mon, 24 Sep 2001 20:52:55 -0500
>> Subject: [IMail Forum] Virus Attacks
>>
>> Does anyone know of a utility that will automatically block those IIS
>> servers that constantly try to attack an Imail server to stop these
>constant
>> attempts to attack port 80? Has anyone written a script that will add
>them
>> to the kill file? I think this would be a great
>> script/software/enhancement!!!!
>>
>> 20010924 204806 Socket Error - 63.237.172.134 Error while writing
>sockect
>> due to error 10054 or malicious connection type.
>> 20010924 204806 Socket Error - 63.237.172.134 Error while writing
>sockect
>> due to error 10054 or malicious connection type.
>> 20010924 204806 Socket Error - 63.237.172.134 Error while writing
>sockect
>> due to error 10054 or malicious connection type.
>> 20010924 204807 Info - 63.237.172.134 GET /MSADC/root.exe?/c+dir
>HTTP/1.0.
>>
>> Anyone
>>
>> Tim D
>
>
>
>
>Please visit http://www.ipswitch.com/support/mailing-lists.html
>to be removed from this list.
>
>An Archive of this list is available at:
>http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
