On Wed, 14 Apr 2004, pmquan wrote:
> Many users in my network infected with Welchia.Worm and this virus send
> mass-request out to port 80. SQUID handle that and hang on (I can connect to
> SQUID but my SQUID didnt respone till i restarted itself). And it going down
> again after 5mins ;(
Your clients are performing a Denial of Service (DoS) attack on your
Squid.
Identify the offending IP addresses from access.log and then firewall
these stations from using the proxy until they have been cleaned.
Most OS:es have good firewalling capabilities which can be used for this
purpose. Linux and *BSD for certainly does.
Regards
Henrik
Received on Wed Apr 14 2004 - 05:44:50 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:02 MDT