virus SLAPPER pro linux

[Pavel Lisy]

On Út, 2002-09-24 at 14:17, Zdenek Marsik wrote:
> Po tydeni nepritomnosti pro nemoc jsem svedkem cyklickeho toku dat
> kazdou hodinu.
> /var/log/messages pise:
> kernel: ICMP: 217,21,95,158: Source Route Failed
> kernel: Neighbour table overflow
> 
> /var/log/httpd/error_log:
> [Tue Sep 24 06:21:25 2002] [error] [client 202.125.153.82] client sent
> HTTP/1.1
> request without hostname (see RFC2616 section 14.23): /
> [Tue Sep 24 06:21:56 2002] [error] mod_ssl: SSL handshake failed
> (server www.gja
> k.cz:443, client 202.125.153.82) (OpenSSL library error follows)
> [Tue Sep 24 06:21:56 2002] [error] OpenSSL: error:1406908F:SSL
> routines:GET_CLIE
> NT_FINISHED:connection id is different
> [Tue Sep 24 06:22:16 2002] [error] [client 202.104.174.150] client
> sent HTTP/1.1
>  request without hostname (see RFC2616 section 14.23): /
> [Tue Sep 24 06:22:55 2002] [error] mod_ssl: SSL handshake failed
> (server www.gja
> k.cz:443, client 202.104.174.150) (OpenSSL library error follows)
> [Tue Sep 24 06:22:55 2002] [error] OpenSSL: error:1406908F:SSL
> routines:GET_CLIE
> NT_FINISHED:connection id is different
> [Tue Sep 24 06:26:28 2002] [error] mod_ssl: SSL handshake timed out
> (client 202.
> 125.153.82, server www.gjak.cz:443)
> [Tue Sep 24 06:26:29 2002] [error] mod_ssl: SSL handshake timed out
> (client 202.
> 125.153.82, server www.gjak.cz:443)
> [Tue Sep 24 06:26:33 2002] [error] mod_ssl: SSL handshake timed out
> (client 202.
> 125.153.82, server www.gjak.cz:443)
> [Tue Sep 24 06:26:33 2002] [error] mod_ssl: SSL handshake timed out
> (client 202.
> 125.153.82, server www.gjak.cz:443)
> [Tue Sep 24 06:26:34 2002] [error] mod_ssl: SSL handshake timed out
> (client 202.
> 
> Muze se jednat o virus SLAPPER?
zkuste hledat /tmp.bugtraq
a
netstat -tulp | grep bugtraq
-- 
Ing. Pavel Lisy <pali na tmapy.cz>
T-MAPY spol. s r.o., http://www.tmapy.cz
Nezvalova 850, Hradec Kralove, 50003
tel: +420-49-5513335 fax: +420-49-5513371

O mapach vime vse: http://www.tmapserver.cz