[Snort-users] SSL CodeRed et al
swilcoxon at ...1927...
Wed May 29 07:22:07 EDT 2002
I have seen cases where nimba could crash non-IIS servers because the server couldn't handle some of the strange URL's correctly and started using up resources. When Nimba first came out we had a middle tier java based server that crashing (every 1-2 hours) until we tracked it down to Nimba. Our solution was to have the traffic to that server go through an Apache server that was doing URL filtering and then ProxyPass/ProxyPassReverse. We also notified the manufacturer of the S/W about the problem, but no fix from them yet.
> -----Original Message-----
> From: bthaler at ...2720... [mailto:bthaler at ...2720...]
> Sent: Tuesday, May 28, 2002 10:20 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] SSL CodeRed et al
> Sorry for the dumb question, and I think I already know the
> answer, but:
> Has anyone heard of a CodeRed or Nimda variant attacking on
> port 443 (SSL)?
> The reason I'm asking, is that we have a web-based interface to an
> application that runs its own internal web server (not IIS),
> and the service
> keeps dying. The developer is claiming that the problem is
> CodeRed or Nimda
> attacking on the SSL port.
> We're about to tell them that they're fll of $hlt, but I
> wante dto run it by
> you guys first...
> Brad T.
> Don't miss the 2002 Sprint PCS Application Developer's Conference
> August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
More information about the Snort-users