slapper worm
Mike McCarty
mike.mccarty at sbcglobal.net
Tue Jan 24 21:42:42 UTC 2006
Michael Mansour wrote:
> Hi Mike,
>
>
I wrote the stuff in >>
>>I suppose you mean "Mike Klinke" and not "Mike McCarty" :-)
>>
>>I dunno. I just ran
>>
>># find / -nmae xmlrpc.php -print
>
>
> You should be able to use "locate" for speed in searching, prior to that you
> may run "updatedb&" to update the slocate database.
I am aware of "locate". Thanks!
>>and didn't come up with anything. But that's expected, since
>>I run behind a router set up as a firewall, completely stealth
>>except for the e-mail challenge port (which is closed). A
>>
>>$ ps -A | grep pache
>
>
> I think you would need to look for the "http" process.
$ ps -A | grep ttp
$
> You should do a "netstat -na | grep SYN", if you see alot of those then
> slapper is there DOS attacking people.
$ netstat -na | grep SYN
$
Thanks for the advice. But, as I am behind a stealth firewall,
I feel relatively secured against *this* type of attack.
Umm, what does "there DOS attacking people"? I had problems
parsing that.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
More information about the fedora-legacy-list
mailing list