Author: Ed Panek
Date: 12:50:30 12/21/01
Recently at Johns Hopkins University Medical Center we encountered an attack of the Code Red Virus. The strange thing is that it also brought down any Unix workstations running port 80 HTML. The problem was that the Windows HTML servers would send a bazillion html requests to any html server. This was so frequent that the messages log on the Solaris Box filled up the root partition completely within about 3-4 hours. The symptoms we noticed are that when trying to telnet into Solaris we received an error stating no utmpx entry. We ended up recreating all the utmp and wtmp files and we could then telnet ok. We also ended up having to install a script that checks the size of the /var/adm/messages and pipes it to /dev/null when it exceeds a certain size. Ed
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.