Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 81303 invoked from network); 2 Oct 2003 17:00:36 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 2 Oct 2003 17:00:36 -0000 Received: (qmail 58632 invoked by uid 500); 2 Oct 2003 17:00:14 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 58617 invoked by uid 500); 2 Oct 2003 17:00:14 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 58596 invoked from network); 2 Oct 2003 17:00:13 -0000 Received: from unknown (HELO unix.chanweiss.com) (208.37.127.172) by daedalus.apache.org with SMTP; 2 Oct 2003 17:00:13 -0000 Received: from shodan.chanweiss.com (wksn3.chanweiss.com [208.37.127.175]) by unix.chanweiss.com (8.12.5/8.12.5/Debian-1) with ESMTP id h92H0GOu016628 for ; Thu, 2 Oct 2003 13:00:17 -0400 Message-Id: <5.2.0.9.0.20031002125812.03690a78@unix.chanweiss.com> X-Sender: jdweiss@unix.chanweiss.com X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Thu, 02 Oct 2003 13:00:15 -0400 To: users@httpd.apache.org From: "Jeremy D. Weiss" In-Reply-To: <0DFFBE2E899E804E9A5710F7071224381E7CB4@sjvapcd-mail.valley air.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Subject: RE: [users@httpd] new access_log messages X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N At 12:42 PM 10/02/2003, you wrote: >Thanks for the info! Is there anything I can do to prevent this kind of >traffic? Or is this just a "fact of Internet life"? I keep up to date with >all patches and security updates from RedHat, I've tried to secure the >server as much as possible, are there other things I should do? Is there >some AV software for Linux/Unix that would help me in this situation? >Suggestions? well, which kind of traffic are you referring to? You had both robots and attempted-IIS attacks in there. The robot traffic is benign (and, in fact, some would argue actually _useful_). The IIS attacks however? well, there are modules and scripts that can try to filter it out (look through the mailing list archives for either "iis" or "code red" or "nimda"). Rest assured, none of these attacks are worth a darn, against an apache server...they're just a nuisance. ==Jeremy --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org