My First Server attacks
Moderators: Big-O Ryan, Big-O Mark, Matt, jester22c
-
- Moderator
- Posts: 815
- Joined: Sun Sep 22, 2002 3:33 pm
- Contact:
My First Server attacks
As of now.. I'm scared shitless..and it's a good thing I installed Sygate Firewall Pro on my Server LAST NIGHT!
I recieved a few "Code Red" Dos attacks from one source only (someone who's infected obviously), and an Intrusion Detection System with an application name of 'inetinfo.exe'.
I tryed a WhoIS lookup on the IP of the possible intrusion and,
and it comes from someone in NY, but it looks as if they provided false WhoIs.
The Code Red Attacks come from some business out in Virginia....
I recieved a few "Code Red" Dos attacks from one source only (someone who's infected obviously), and an Intrusion Detection System with an application name of 'inetinfo.exe'.
I tryed a WhoIS lookup on the IP of the possible intrusion and,
and it comes from someone in NY, but it looks as if they provided false WhoIs.
The Code Red Attacks come from some business out in Virginia....
- Master Jedi
- Guru
- Posts: 1161
- Joined: Sat Jun 15, 2002 10:34 pm
- Contact:
-
- Moderator
- Posts: 815
- Joined: Sun Sep 22, 2002 3:33 pm
- Contact:
-
- Moderator
- Posts: 815
- Joined: Sun Sep 22, 2002 3:33 pm
- Contact:
- Master Jedi
- Guru
- Posts: 1161
- Joined: Sat Jun 15, 2002 10:34 pm
- Contact:
- Plasma2002b
- Extreme Groupie
- Posts: 976
- Joined: Thu Jul 18, 2002 11:36 pm
- Location: Riverside, Ca
- Contact:
wasted...... if you just keep blocking the IP's of the attackers, your just gonna get a huge block list...... cause the machines that are attacking are random.... and even if the do strike more than once, they cant do anything as long as you have the correct service pack updates..... but you can still see that they are attacking.....
ive learned to live with it and just ignore it.
ive learned to live with it and just ignore it.
-
- Moderator
- Posts: 815
- Joined: Sun Sep 22, 2002 3:33 pm
- Contact:
- Master Jedi
- Guru
- Posts: 1161
- Joined: Sat Jun 15, 2002 10:34 pm
- Contact:
Code Red only affects computers running IIS, the web server software from Micro$oft. It is very unlikely that people are serving web pages through a proxy because that can put a very heavy (and unnecessary) load on the proxy server.tone wrote:Plus they might connect through proxy which will make their ip invisible.
SorryMaster Jedi wrote:Code Red only affects computers running IIS, the web server software from Micro$oft. It is very unlikely that people are serving web pages through a proxy because that can put a very heavy (and unnecessary) load on the proxy server.tone wrote:Plus they might connect through proxy which will make their ip invisible.
I wasnt thinking straight, i just assumed because he said he got a company's name in Virgina and he thought that it was fake so i thought proxy.
tone
Who is online
Users browsing this forum: No registered users and 0 guests