CR - inetinfo - tool to show number of processes

[robinton () GMX de (Soeren Ziehe)]

Hello,

by chance I learned of the existence of prcview (www.prcview.com), which  
is a process viewer. It displays running processes, their threads, used  
DLL'S etc.
Under Win95 (presumably also under 98/ME) it displays the number of  
threads for each process in a column in its main window.

This easily allows one to check the number of threads for inetinfo.exe  
(IIS). I do not know the number of threads for a "normal" IIS on a non- 
busy/busy site. However one should be able to easily see a drastic  
increase of threads caused by CRv1/CRv2 or CodeRedII (even more so).

Under NT4 I do not get the column with the number of threads. There one  
has to use a seperate thread list window for each process. Since there  
is no sum displayed it could be quite difficult to get the number of  
running threads easily, if the base number of threads for inetinfo.exe  
is quite high. However a huge increase caused by Code Red infection  
should be spotable nonetheless.
Under win2000 the summary column for the number of threads is also  
missing and thus waht I wrote for winnt4 applies.

Robinton

-- 
I've asked for kindness and ultimate truth. Still waiting for the answer.
-- 
Blessed are they who can laugh at themselves for they shall never cease to
be amused.
 ~ Riddles and More



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com