[Dshield] Look at this Nitwit

Doug White doug at clickdoug.com
Thu Jan 29 02:47:10 GMT 2004

If you are running a Windows IIS box, the URLScan ISAPI filter will effectively
block those.

Stop spam on your domain, Anti-spam solutions
For hosting solutions http://www.clickdoug.com
Aspire to Inspire before you Retire or Expire!

----- Original Message ----- 
From: "Keith Bergen" <keith at keithbergen.com>
To: "'General DShield Discussion List'" <list at dshield.org>
Sent: Wednesday, January 28, 2004 5:12 PM
Subject: RE: [Dshield] Look at this Nitwit

: There was some talk on this list about putting a fake default.ida file out
: there. I can't remember exactly what the consensus was (if there was one).
: Check through the archives, I remember quite a lot of discussions on the
: code red and nimda viruses.
: It would seem to me that a zero-byte default.ida would take less outgoing
: bandwidth than a URL 404 message, but I may be over-simplifying it.
: Keith.
: -----Original Message-----
: From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On Behalf
: Of David Hart
: Sent: Wednesday, January 28, 2004 5:41 PM
: To: General DShield Discussion List
: Subject: Re: [Dshield] Look at this Nitwit
: On Wed, 2004-01-28 at 16:50, Keith Bergen wrote:
: > Yes. That is a Windows IIS server that is infected with the
: > Nimda virus and trying to propagate it to your box. There's
: > probably not a lot you can do about it apart from sending an
: > email to his provider with the logs. . . .
: Thanks
: How do you feel about a zero-byte default.ida? It saves some cycles. any
: downside?
: >
:                                ---------
:             Quality Management - A Commitment to Excellence
: _______________________________________________
: list mailing list
: list at dshield.org
: To change your subscription options (or unsubscribe), see:

More information about the list mailing list