On Sunday 03 February 2002 19:49, you wrote: > On Sun, 2002-02-03 at 13:33, Todd Slater wrote: > > On Sunday 03 February 2002 09:08 am, ed tharp wrote: > > > this is code red or nimda worms (or some worm close to it) and the > > > solution is to run linux. then, if you care, block the IP sending the > > > requests. since you don't run IIS, you will not have a problem other > > > than the bandwidth used by the rouge windox. you could try and figure > > > out the admin e-mainl of the send (requester) and send them an e-mail > > > letting them know they or dumd for using M$ on the net, and what they > > > are doing. (since they most likely got no clue,) > > > > Thanks to the many who responded. I e-mailed the ISPs, the offending IPs > > were mostly part of RoadRunner. I got canned e-mails from them, ATT > > Broadband, and rogers@home saying they were aware of the problem and > > working diligently to correct it, that I should get the latest patches > > blah blah. > > > > Anyway, it was suggested that I add the IP numbers to my hosts.deny file. > > Is this as easy as adding a line: > > > > ALL: 24.160.49.154, 24.123.54.138 > > > > There was way too much info in the man page! > > Sorry, Todd, my advice about the hosts.deny file was incorrect. That > file is only used by inetd and the services it controls. Since Apache > runs on its own, and is not controlled by inetd, the hosts.deny (and the > hosts.allow) file is irrelevant. > > Hey, at least I caught my own mistake :-)
You could add the IP addresses to the 'ignore' list in your firewall. There was an piece on Mandrake Forum a while back showing how to configure ipchains to do that sort of stuff. derek > > Dave
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
