Hello, by chance I learned of the existence of prcview (www.prcview.com), which is a process viewer. It displays running processes, their threads, used DLL'S etc. Under Win95 (presumably also under 98/ME) it displays the number of threads for each process in a column in its main window. This easily allows one to check the number of threads for inetinfo.exe (IIS). I do not know the number of threads for a "normal" IIS on a non- busy/busy site. However one should be able to easily see a drastic increase of threads caused by CRv1/CRv2 or CodeRedII (even more so). Under NT4 I do not get the column with the number of threads. There one has to use a seperate thread list window for each process. Since there is no sum displayed it could be quite difficult to get the number of running threads easily, if the base number of threads for inetinfo.exe is quite high. However a huge increase caused by Code Red infection should be spotable nonetheless. Under win2000 the summary column for the number of threads is also missing and thus waht I wrote for winnt4 applies. Robinton -- I've asked for kindness and ultimate truth. Still waiting for the answer. -- Blessed are they who can laugh at themselves for they shall never cease to be amused. ~ Riddles and More ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Aug 08 2001 - 12:47:05 PDT