Hello,
There are several WindowsNT viruses trying to get into webservers (search,
in example "Nimda Worm" in Google, to have more information.)
What I'm doing to avoid the error log on my systems is bounce these requests
to a script using mod_rewrite. In httpd.conf, I add this:
### Worm Cat
Moin, moin ...
"Ashwin Khandare" <[EMAIL PROTECTED]> schrieb:
>Can u pls confirm me about the same and help me out to block it.
>Note:I did not find any logs in /var/log/secure and /var/log/messages
>from Aug 13 to Aug 17 as well.
There is some IIS infected and this Virus tries to spread itself
ECTED] - [EMAIL PROTECTED]
- Original Message -
From: Ashwin Khandare
To: [EMAIL PROTECTED] ; [EMAIL PROTECTED]
Sent: Monday, August 19, 2002 1:26 PM
Subject: Apache hacked urgent
hi guys,
I found the lines shown below in apache log messages and I got a feeling i m
hacked.
Sat Aug 17 15:36:51
hi guys,
I found the lines shown below in apache log
messages and I got a feeling i m hacked.
Sat Aug 17 15:36:51 2002] [error] [client
192.168.0.188] File does not exist:
/usr/local/argon/doc/_vti_bin/shtml.exe/_vti_rpc[Sat Aug 17 15:38:58 2002]
[error] [client 192.168.0.188] File does
