[Zope] de-worming
Jack Coates
jack@monkeynoodle.org
Wed, 3 Oct 2001 21:41:29 -0700 (PDT)
On Wed, 3 Oct 2001, marc lindahl wrote:
>
>
> > From: Jack Coates <jack@monkeynoodle.org>
> >
> > I've put an object in Zope named default.ida and containing:
> >
> > <dtml-call "RESPONSE.redirect('http://127.0.0.1')">
> >
> > which seems to have stopped Code Red from being a problem. My next
>
> Great idea! Using a DTML Method, I suppose?
DTML document -- I actually just finished writing this up, so have a
look at http://www.monkeynoodle.org/comp/deworming.html
>
> > question is, how do I block Nimda? I need a wildcard or regexp document
> > which will intercept any URL including "cmd.exe" or "root.exe". Any
> > ideas?
>
> The first thing it looks for is /scripts/root.exe -- I wonder what it does
> if it finds it? If it doesn't, it looks in 13 other places. But maybe if
> it finds the first one it's happy? Perhaps the same redirect would make it
> go away?
>
No such luck, it goes ahead and tries every last one of them.
--
Jack Coates
Monkeynoodle: A Scientific Venture...