RE: disinfection tool

From: Ken Pfeil (Kenat_private)
Date: Mon Aug 06 2001 - 12:41:21 PDT

Next message: Doug.Barbinat_private: "RE: Method to Clean up IIS servers hit by CRv2"

Previous message: Mark Challender: "Was RE: disinfection tool -- now a minor rant."
In reply to: Alfred Huger: "Re: disinfection tool"
Next in thread: Homer Wilson Smith: "Re: disinfection tool"
Next in thread: Rob McCauley: "RE: disinfection tool"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Black Holing's not likely..At least with RoadRunner (TimeWarnerCable).
I've had this same host over the last 15 hours...
Open the IP addy in a browser and (no suprise) returns:

The page cannot be displayed
There are too many people accessing the Web site at this time.

----------------------------------------------------------------------------
----

Please try the following:

Click the Refresh button, or try again later.

Open the xxx.xxx.xxx.xxx home page, and then look for links to the
information you want.
HTTP 403.9 - Access Forbidden: Too many users are connected
Internet Information Services

----------------------------------------------------------------------------
----

Technical Information (for support personnel)


Background:
This error can occur if the Web server is busy and cannot process your
request due to heavy traffic.


More information:
Microsoft Support


> -----Original Message-----
> From: Alfred Huger [mailto:ahat_private]
> Sent: Monday, August 06, 2001 2:39 PM
> To: Mark Ng
> Cc: incidentsat_private
> Subject: Re: disinfection tool
>
>
> On Mon, Aug 06, 2001 at 01:19:52PM +0100, Mark Ng wrote:
> > This may eventually be the only way of actually getting rid of code red
> > completely.  If we live in a an ideal world, we'd eventually
> get the idiots
> > to listen.  However, I find that unlikely.
>
> While someone may decide to do this the more likely scenario is that ISPs
> will start black holing infected IP addresses the same way they do with
> SPAM.
>
> > Mark
>
> --
> VP Engineering
> SecurityFocus.com
> "Vae Victis"
>
> ------------------------------------------------------------------
> ----------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management
> and tracking system please see: http://aris.securityfocus.com
>


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Doug.Barbinat_private: "RE: Method to Clean up IIS servers hit by CRv2"
Previous message: Mark Challender: "Was RE: disinfection tool -- now a minor rant."
In reply to: Alfred Huger: "Re: disinfection tool"
Next in thread: Homer Wilson Smith: "Re: disinfection tool"
Next in thread: Rob McCauley: "RE: disinfection tool"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 13:14:08 PDT