Don't Tread on My Server
By Bret A. Fausett
I run my own Web, mail, FTP, and DNS servers on a couple of aging DSL-connected hosts sitting in my den. While they're primarily for my own lightweight, personal use, they've also given me some pretty good insight into the problems that Webmasters and network operators face.
My machines had operated quietly and happily for months, with no crashes and no need to reboot until a few weeks ago, when my mail server crashed and brought down the entire system. I didn't think much about it at the time; I just rebooted and returned to work. The next day, I came home to find that my mail server had again brought down my system. But this time, I had some inkling of the problem, as I'd been receiving dozens of copies of the Sircam virus. I don't run Windows operating systems, so my email client and OS weren't vulnerable to that particular affliction, but my barebones machine clearly wasn't robust enough to handle the large attachments that it was receiving with such frequency. I was falling victim to the virus' secondary effects.
I had a different experience just a week or two later, when my Weblogs suggested that my Web site was becoming increasingly popular. Over a period of a few days, I had gained hits exponentially. But, alas, newfound popularity had nothing to do with it. The new hits to my server were leaving the tell-tale footprints of the Code Red and Code Red II viruses. Because my server wasn't the type targeted by Code Red, it wasn't infected; but once again, I saw the secondary effects of a virus that was randomly hitting sites everywhere.
It was clear to me that these viruses amounted to someone accessing my servers (located in my house) through my firewalls, in ways I hadn't intended and that weren't acceptable to me.