Re: Threat of running a web server?
From: zack (news_at_zoccoz.comq)
Date: Wed, 21 Jan 2004 03:29:53 GMT
On Mon, 19 Jan 2004 00:03:03 GMT, "Noyb" <firstname.lastname@example.org> wrote:
>Does leaving port 80 open for serving web pages leave me vulnerable? A few
>hours after telling BlackICE to allow port 80 traffic in I got an alarm with
>this event: HTTP_Code_Red_II
>Norton alerted me to the virus soon after and deleted it. Here's there
>write-up on it if anyone's interested:
>I'm running Apache on WinXP with BlackICE and Norton AntiVirus running
>behind a Linksys router that is forwarding port 80 to my machine. Anyone
>know how this is possible that someone gave me a virus over my apache web
>server? Do I have a security hole or is this threat something I have to live
>with if I'm going to have a web server? Thanks for any help or suggestions.
BlackIce was simply notifying you of code red traffic being sent to
your computer. Code Red only affects IIS, it does not affect Apache,
so you should be safe..