New IIS Exploit?From: DS (email@example.com)
- Previous message: Stephen C. Gay: "Windows Update - SUS - An thanks everyone"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "DS" <firstname.lastname@example.org> To: <email@example.com> Date: Sun, 10 Nov 2002 05:10:23 -0500
Is there something new going around killing IIS Servers\Services?
Not only have I experienced this, but also few friends.
Running IIS on port 80, working fine and then all of a sudden,
You or someone tries to browse your website and cannot connect.
So you run a netstat -a while browsing that website and it says:
TCP mymachine:3041 121.XX.XX.XX.XX.rr.com:http SYN_SENT
It was working all day and now this SYN_SENT comes in.
Nothing in the logs. Had them scan for code red 2 and nothing.
Anyone experienced this?