Security Incidents mailing list archives
Re: IIS (Possible DoS floating around)
From: Mike Shaw <mshaw () wwisp com>
Date: Mon, 12 Nov 2001 12:03:06 -0600
Any further info on system configurations? ISAPI mappings, installed software (perl, cold fusion...), running services?
-Mike At 12:27 PM 11/12/2001 -0500, Keith.Morgan wrote:
The focus-ms list is hopping a little regarding some strange behaviour from IIS. The symptoms: IIS continues to run (or sometimes crashes), but the common thread is that the port is closed. After recieving a report on focus-ms, and having this same behaviour occur on one of our webservers, I contacted a friend who runs a (logically) nearby network. He indicated that the same problem had occurred on some of thier servers. I'm currently pouring over logs attempting to locate anything out of the ordinary. Just a note for all those that will say "make sure you've applied patches or run the hfnetchk:" Our servers are at completely current patch levels. Keith T. Morgan Chief of Information Security Terradon Communications keith.morgan () terradon com 304-755-8291 x142 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- IIS (Possible DoS floating around) Keith.Morgan (Nov 12)
- Re: IIS (Possible DoS floating around) Mike Shaw (Nov 12)
- <Possible follow-ups>
- RE: IIS (Possible DoS floating around) Keith.Morgan (Nov 12)
- Re: IIS (Possible DoS floating around) Shoten (Nov 12)
- Re: IIS (Possible DoS floating around) Ezequiel Diaz-Pacheco (Nov 12)
- Re: IIS (Possible DoS floating around) Shoten (Nov 12)
- RE: IIS (Possible DoS floating around) Keith.Morgan (Nov 12)