Re: iptables anti-nimda anyone?

From: Bretscher;Johannes;ja (bretscher@kilauea.5sl.org)
Date: 09/21/01

Previous message: Rob 'Feztaa' Park: "Re: iptables anti-nimda anyone?"
In reply to: Konrad Michels: "iptables anti-nimda anyone?"
Next in thread: James F Wilkus: "Re: iptables anti-nimda anyone?"
Next in thread: Bjørn Ruberg: "Re: iptables anti-nimda anyone?"
Reply: James F Wilkus: "Re: iptables anti-nimda anyone?"
Reply: Steve Mickeler: "Re: iptables anti-nimda anyone?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 21 Sep 2001 08:13:54 +0200 (MEST)
From: "Bretscher;Johannes;ja" <bretscher@kilauea.5sl.org>
To: Konrad Michels <konrad@overnetdata.com>
Subject: Re: iptables anti-nimda anyone?
Message-ID: <Pine.LNX.4.30.0109210812280.14671-100000@kilauea.5sl.org>

On Wed, 19 Sep 2001, Konrad Michels wrote:

> Hi everyone
> I don't suppose one of our iptables gurus out there has an iptables rule
> to filter out this damn nimda thing? I'm really annoyed about it
> filling up my apache logz and would love to drop the packets 'ere they
> get to the apache server . . .

The only thing would be to close port 80. You can not detect packet
content on TCP level.

>
> Later
> Konrad
>

Johannes

Previous message: Rob 'Feztaa' Park: "Re: iptables anti-nimda anyone?"
In reply to: Konrad Michels: "iptables anti-nimda anyone?"
Next in thread: James F Wilkus: "Re: iptables anti-nimda anyone?"
Next in thread: Bjørn Ruberg: "Re: iptables anti-nimda anyone?"
Reply: James F Wilkus: "Re: iptables anti-nimda anyone?"
Reply: Steve Mickeler: "Re: iptables anti-nimda anyone?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: iptables anti-nimda anyone?
... for this to work you need to have compiled IPtables with the string match ... $if1addr=the external interface address ... Then just pipe you apache logs to a little /bin/sh script that verifys that ... Konrad Michels provided the following enlightenment: ...
(Focus-Linux)
Re: iptables anti-nimda anyone?
... Subject: iptables anti-nimda anyone? ... > On Wed, 19 Sep 2001, Konrad Michels wrote: ... >> filling up my apache logz and would love to drop the packets 'ere they ...
(Focus-Linux)
Re: iptables anti-nimda anyone?
... Subject: iptables anti-nimda anyone? ... On Wed, 19 Sep 2001, Konrad Michels wrote: ... > I don't suppose one of our iptables gurus out there has an iptables rule ...
(Focus-Linux)
X & Gnome crashes the system with iptables
... kernel 2.4.21, ... I spent a lot of time to write rules for iptables to obtain a good firewall. ... # Support for connection tracking ... packets are denied until ...
(comp.os.linux.x)
X & Gnome crashes the system with iptables
... kernel 2.4.21, ... I spent a lot of time to write rules for iptables to obtain a good firewall. ... # Support for connection tracking ... packets are denied until ...
(comp.os.linux.setup)