On Thursday 15 April 2004 15:08, Hamish McBrearty wrote: > Hi all > > I'm sure any of us here who administrer a website have seen these scans > that come in every hour of the day looking for "cmd.exe" or "default.ida" > and so on. After a bit of Googling about this I've noticed that there are > two schools of thought, those who laugh and say that's an IIS exploit and > I'm Apache, and those who get annoyed by this an try to put a stop to it > with iptables and the like. > > What do those of us in CLUG do? Laugh or fight back? Mostly Laugh and ignore the problem. You can fight back in a limited way if you can be bothered by emailing the abuse@ address of the upstream provider to the infected machine.
-- Sincerely etc. Christopher Sawtell NB. This PC runs Linux. If you find a virus apparently from me, it has forged the e-mail headers on someone else's machine. Please do not notify me when this occurs. Thanks.
