Worm/Virus alert

From: Douglas Quebbeman <dhquebbeman_at_theestopinalgroup.com>
Date: Tue Sep 18 16:15:55 2001

> OK, I know this is not exactly on-topic, but I thought it was
> ridiculous enough to share.
>
> Here's what I get from the logs on my IRIX web server running apache:
>
> > egrep "scripts/\.\..*" access_log | grep "18/Sep/2001" | wc -l
> 7273
>
> > egrep "msadc/\.\..*" access_log | grep "18/Sep/2001" | wc -l
> 809
>
> > egrep "_vti.*/\.\..*" access_log | grep "18/Sep/2001" | wc -l
> 811
>
> so, that's 8,893 bogus MS exploit requests. note too, that those numbers
grew
> by about 5% in about 5 minutes. Damn, I'm glad I don't run a windows
machine
> :)

We do, and it isn't causing us any more trouble than *nix servers.
'Coz we patch.

Surely the *nix sysadmins spend as much time writing Perl scripts
as we do patching MS bugs...

;-)

-dq
Received on Tue Sep 18 2001 - 16:15:55 BST

This archive was generated by hypermail 2.3.0 : Fri Oct 10 2014 - 23:34:25 BST