To protect apache from Nimda insert this in httpd.conf:
<LocationMatch ".ida|(root|cmd).exe"> order allow,deny deny from all </LocationMatch> lilo ----- Original Message ----- From: Hiten Desai linuxbrd@yahoo.com To: linux user group linuxers@mm.ilug-bom.org.in Sent: Thursday, December 27, 2001 10:39 PM Subject: [ILUG-BOM] DOS attack
I m having dos attack on my apache web server which is also simeltenously having our imap as well as pop3 server have checked with top it some times of the day gives more cpu consumption and by uptime I came to know that there are no. of active users goes up from 3 to 4 (average) to 20 or more after checking httpd logs I came to know that someone is asking for *.exe files from different ips we have a consaltunt but he says he doesnt have any solution for the timebeing he says to stop and restart the httpd service when it happens do u have any comments we are having dedicated connection and around 500+ email users please infrom me if there are any monitoring tools for sendmail /dos attack /apache which can be monitored in real time thanks
Hiten.
Do You Yahoo!? Send your FREE holiday greetings online! http://greetings.yahoo.com _______________________________________________ http://mm.ilug-bom.org.in/mailman/listinfo/linuxers