Date: Wed, 4 Jun 2003 17:53:14 +0100
Where am I looking for these errors...in the same Firewall report, or logs
"Erik" <firstname.lastname@example.org> wrote in message
> >-----Original Message-----
> >On my Firewall logs on a frequent basis I am getting the
> >message as a destination:
> http://192.168.1.3/default.ida?. The IP address is
> >just a web server on a DMZ, but can anyone tell me the
> significance of the
> >"default.ida" file?
> > I'd appreciate any help!!
> > Ken
> The default.ida is the file that Cod Red exploits. Your
> firewall is probably stopping the attack. Look for the
> 404 error, which would mean that your are OK. If it's
> getting a 200, then you may want to look at the server,
> which could be compromised.
- Re: disconnect a hacker
... My Web server station is right next ... my attention divided by security concerns... ... see an IP connected to port 80, ... I've been forwarding my firewall logs to my ISP, ...
- Re: Firewall on server itself
... Perhaps the iptables could defend against an intruder who is already ... Firewall vender specific vulnerabilities ... >> be configured to protect the web server as well other computers on ... > The Gartner Group just put Neoteris in the top of its Magic Quadrant, ...
- Re: [fw-wiz] Using SSL accelerators in firewalls
... It also depends on what you're using your SSL for, and how tightly you can couple ... your firewall with your web application. ... web server don't have to be very aware of each other. ... >> lost in the process and the security of transactions eroded. ...
- Re: security advice (possible hacker activity?)
... > trojan or worm is installed onto the web server. ... > itself through the firewall to an email user on a PC, ... > the IIS web server. ... IWAM runs any site with Access or SQL. ...
- AW: Firewall on server itself
... There are no disadvantages of having a firewall protecting your web server, ... Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...