[Esd-l] Nimda/IIS worms defense.
Bill Larson
blarson at compu.net
Fri Sep 21 14:12:01 PDT 2001
A person on the isp.com list came up with this idea and it seems to be
working rather well.
add the following lines to your httpd.conf then restart the web server:
RedirectMatch (.*)\cmd.exe$ http://127.0.0.1/
RedirectMatch (.*)\default.ida$ http://127.0.0.1/
RedirectMatch (.*)\root.exe$ http://127.0.0.1/
Any requests for those files will be sent back to the originating web
server. I added the default.ida and the root.exe to his idea.
---
Bill Larson
Network Administrator
Compu-Net Enterprises
More information about the esd-l
mailing list