Re: apache security question

From: Mike Silbersack (silby@silby.com)
Date: 06/15/01

• Next message: George.Giles@mcmail.vanderbilt.edu: "Controlling imap access"
• Previous message: Ian Smith: "Re: apache security question"
• In reply to: Karsten W. Rohrbach: "Re: apache security question"
• Next in thread: Dag-Erling Smorgrav: "Re: apache security question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 15 Jun 2001 13:53:25 -0500 (CDT)
From: Mike Silbersack <silby@silby.com>
To: "Karsten W. Rohrbach" <karsten@rohrbach.de>

On Fri, 15 Jun 2001, Karsten W. Rohrbach wrote:

> ratelimiting turned out to be too relaxed for several servers i got in
> the field. was this changed from 4.2 to 4.3?

It changed a bit, contact me via private e-mail with info on what it
wasn't able to handle and we'll see if we can enhance it.

> i did not want to say that blackhole(4) is a replacement for ipf(4).
> since the b0rkedness of the rule parser, ipfw(4) is not an option
> anymore for me. try mathing multiple destination ports in one rule :-/
>
> >
> > So... don't worry about it. (Or filter upstream if you are being attacked
> > and are forced to worry about it.)
>
> that's exactly what i wrote in the original mail, would it not have been
> removed.

Oops, guess I got too cut happy. Sorry.

> > * Some attack tools have recognizeable signatures, you could block those
> > with ipfw.
>
> oh, yes, and snort or similar things on a gateway in front of it to see
> new ones ;-)

I should really check out that program one of these days. I must be one
of the few to not yet use it. :)

Mike "Silby" Silbersack

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: George.Giles@mcmail.vanderbilt.edu: "Controlling imap access"
• Previous message: Ian Smith: "Re: apache security question"
• In reply to: Karsten W. Rohrbach: "Re: apache security question"
• Next in thread: Dag-Erling Smorgrav: "Re: apache security question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: WINS, NETBIOS & DNS ... modern add-on products) so most people in fact do need NetBIOS ... before DNS! ... Monitor your enterprise Web Servers. ... still have to implement or worry about netbios and WINS? ... (microsoft.public.windows.server.general) Re: TCP/IP performance, maximum speed = 65% of 100mbps? ... You'll rarely ever get 100% efficiency, ... In other words, don't worry about it, and if you really need more speed, and ... your servers can pump the info out fast enough, ... Matt Gibson - GSEC ... (microsoft.public.windows.server.networking) Re: Todd continues to violate CTIs terms of service ... > traffic to worry about that. ... and finally for something to be obscene it ... > must pass the three prong test as the supreme court stated in Miller v ... with those servers, including kicking you off. ... (rec.radio.amateur.policy) Re: How to get BOINC setiathome Client running SuSE 9.1 x86_64? ... I would not worry about Boinc at the moment David, ... servers are down and the weekend is the worst time there so might not ... (alt.os.linux.suse) Re: School setup - very limited user accounts. ... Per Simon: ... computers are 'cleaned' once a week and all I would have to worry about is ... the state of the servers. ... (microsoft.public.windowsxp.general)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint