Snort mailing list archives
RE: Cod Red HELP!!!!
From: s I n <sin () Aniela EU ORG>
Date: Tue, 7 Aug 2001 23:28:56 +0300 (EEST)
Yes, but the default www port is 80. If you run a big site and you don't want to be bothered by CodeRed Worm you just can't switch the default port. The no one will connect to the www server because, unless you specify this explictly, the web browser will try to make a conncetion to port 80 of the site. The best way to deal with it (in my opinion) is to have a firewall to filter out any connection request to port 80 of a server that contains the default.ida string, something like a Cisco router (someone on the list said it can do this). Rehards, /me
It seems to me that one method of getting rid of code red is to reconfigure the server so that it does not use port 80. This may or may not be practical with a big machine. It is only an thought based on the logs of my server on port 8080. There are no code red entries. ================================================================= beckman () clone concordia ca Carolyn Beckman =================================================================
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Cod Red HELP!!!!, (continued)
- RE: Cod Red HELP!!!! s I n (Aug 07)
- RE: Cod Red HELP!!!! Carolyn Beckman (Aug 07)
- Code Red and port 443 (was RE: Code Red HELP!!!!) George D. Nincehelser (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Carolyn Beckman (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Thierry Coopman (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Mike Johnson (Aug 08)
- Re: Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Marsiske Stefan (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Mike Johnson (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Erek Adams (Aug 08)
- RE: Cod Red HELP!!!! s I n (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Jason Haar (Aug 08)
- RE: Cod Red HELP!!!! s I n (Aug 07)
- Re: RE: Cod Red HELP!!!! Kyle R Maxwell (Aug 07)
- Re: RE: Cod Red HELP!!!! s I n (Aug 08)
- Re: RE: Cod Red HELP!!!! Erek Adams (Aug 08)
- Re: RE: Cod Red HELP!!!! tibuq (Aug 08)
- Re: Cod Red HELP!!!! Advanced Hosting UNIX Admin Daniel Fairchild (Aug 10)