Ok, made it – the Code Red counters are now live !
What a battle – it turn out that I needed a new glibc, libstdc and gcc (ok, egcs) before I could get the correct level of MySQL to compile to satisfy mod_log_mysql. Updating rpms with –force is not a pleasant task, especially when I forget to add binutils into the mix and it all goes *very* pear shaped for a while. I would prefer to have compiled my own, but I’ve never had any success with gcc of any ilk, and most of the worthwhile ones (ie: recent) want a newer glibc. The trouble there is that glibc wants a newer gcc in order to build…
Anyway, the SQL queries are running, and in less than 24 hours there’s been a Code Red I hit… Honestly. I’ve put the offending IP’s up on the details page, but I’m not sure if I should – afterall, the box is compromised and that IP could be used to start another attack against it. OTOH, making the site fall over is possibly required in order to get the admin to re-install the latest version of IIS. Dunno – I’ll leave it there until I get a convincing argument not to, or someone complains 🙂