If you want to kill this new worm on the head (instead of many http requests stop it after the 1st it's very simple and a bit insecure) either use a firewalling tool or plain old route! firstly chmod +s your tool (this is insecure I know but then the webserver user can do the dirty work of blocking hosts in real time!) then say for iptables get a script called /scripts/root.exe to execute (in whatever your language is) /sbin/iptables -I INPUT -s (SOURCE IP) -j DROP OR /sbin/route add -host (SOURCE IP) dev lo and no more requests from that machine at all. On Wed, 19 Sep 2001, Graeme Robinson wrote: > the solution is to install linux and setup a firewall-gateway. Forget > trying to secure your win98 box. > > At 06:41 AM 19/09/2001 +1000, [EMAIL PROTECTED] wrote: > >Hi sluggers, > > > >I am convinced someone is trying to hack me, or crack rather. I am sitting > >on a dialup connection, and there's strange traffic happening. Even when I'm > >not FTP'ing or anything, I see I have sent out like half a megabyte or > >something. > > > >Is this unusual??? > > > >I am using Windows 98 SE on this particular connection. > > > >Is there a packet sniffer for Windows that I can sit on the connection to > >inspect all incoming and outgoing traffic, and get the IP address of the > >other side, etc? > > > >What is the best firewall that I can install for Windoze 98? > > > >Thanks heaps. > > > >James > > > > > > > >-- > >SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ > >More Info: http://lists.slug.org.au/listinfo/slug > > > -- > SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ > More Info: http://lists.slug.org.au/listinfo/slug > -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
