Using CodeRedKiller to Prevent CodeRed Attacks on Apache Servers

codeRedKiller is a simple concept that truly can help conserve resources. It saves time and energy (bandwidth and cpu power, etc) by automatically identifying and dropping requests from CodeRed infected hosts. Its goals are to stop CodeRed requests to apache webservers . . . codeRedKiller is a simple concept that truly can help conserve resources. It saves time and energy (bandwidth and cpu power, etc) by automatically identifying and dropping requests from CodeRed infected hosts. Its goals are to stop CodeRed requests to apache webservers and to do it without requiring more effort than a typical 404 error.

codeRedKiller achieves these goals with a straightforward PHP script (included) that masquerades as the "defualt.ida" file that CodeRed itself searches out. If a request is made to this file (a PHP script in this case) it simply records the IP address of the offending host (the requestor) to a file.

The link for this article located at LinuxPR / LinuxToday is no longer available.