Re: apache and nimbda
From: Richard Huffman (huffmanr@retail.si.edu)Date: 01/29/02
- Previous message: elliptic: "Re: apache and nimbda"
- Maybe in reply to: Brian Clifton: "apache and nimbda"
- Next in thread: Tommaso Di Donato: "Re: apache and nimbda"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Jan 2002 04:27:11 -0500 From: "Richard Huffman" <huffmanr@retail.si.edu> To: <brian@omegadm.co.uk>, <focus-linux@securityfocus.com>
*
When code red hit I put the following in my httpd.conf, right before where the ScriptAlias directives are placed:
Redirect permanent /scripts/ http://127.0.0.1/
Redirect permanent /_vti_bin/ http://127.0.0.1/
Redirect permanent /_mem_bin/ http://127.0.0.1/
Redirect permanent /c/winnt/ http://127.0.0.1/
Redirect permanent /d/winnt/ http://127.0.0.1/
Redirect permanent /msadc/ http://127.0.0.1/
Redirect permanent /MSADC/ http://127.0.0.1/
Redirect permanent /default.ida http://127.0.0.1/
You could add:
Redirect permanent *.exe http://127.0.0.1/
Just remember not to put up any self-extracting archives on your site. :)
The worm won't turn on itself but it does solve the error log problem.
>>> "Brian Clifton" <brian@omegadm.co.uk> 01/28/02 15:56 PM >>>
Dear All
Is there a way to stop apache responding to .exe file requests altogether?
- Previous message: elliptic: "Re: apache and nimbda"
- Maybe in reply to: Brian Clifton: "apache and nimbda"
- Next in thread: Tommaso Di Donato: "Re: apache and nimbda"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
