Re: iptables anti-nimda anyone?
From: Sven Michels (smichels@intradat.com)
Date: 09/21/01
Message-ID: <3BAB0701.FDF3DEC9@intradat.com>
Date: Fri, 21 Sep 2001 11:23:13 +0200
From: Sven Michels <smichels@intradat.com>
To: Konrad Michels <konrad@overnetdata.com>
Subject: Re: iptables anti-nimda anyone?

Konrad Michels wrote:
>
> Hi everyone
> I don't suppose one of our iptables gurus out there has an iptables rule
> to filter out this damn nimda thing? I'm really annoyed about it
> filling up my apache logz and would love to drop the packets 'ere they
> get to the apache server . . .
if you've patched the kernel with string match support: yes:
$IPTABLES -I INPUT -p tcp --dport 80 -m string --string ".exe?" -m state \
--state ESTABLISHED -j REJECT --reject-with tcp-reset
(same works with .ida for the old one)
HTH
--
intraDAT AG http://www.intradat.com
Wilhelm-Leuschner-Strasse 7 Tel: +49 69-25629-0
D - 60329 Frankfurt am Main Fax: +49 69-25629-256
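
An added example, not part of the original message: a dry run of the two payload strings from the rule above (.exe? and .ida) over an Apache combined-format access log, listing which requests the rule would reset, including ones Apache served normally. The log lines, addresses and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original message): dry-run the two payload
# strings from the rule against an Apache combined-format access log.

# Constructed sample log lines using documentation address ranges.
sample_log() {
cat <<'EOF'
192.0.2.10 - - [21/Sep/2001:09:01:12 +0200] "GET /scripts/sample.exe?arg HTTP/1.0" 404 276 "-" "-"
192.0.2.10 - - [21/Sep/2001:09:01:13 +0200] "GET /other/sample.exe?arg HTTP/1.0" 404 274 "-" "-"
198.51.100.7 - - [21/Sep/2001:09:02:40 +0200] "GET /default.ida?AAAA HTTP/1.0" 404 270 "-" "-"
203.0.113.5 - - [21/Sep/2001:09:03:02 +0200] "GET /index.html HTTP/1.1" 200 1043 "-" "Mozilla/4.0"
203.0.113.9 - - [21/Sep/2001:09:04:30 +0200] "GET /dl/setup.exe?mirror=2 HTTP/1.1" 200 51200 "-" "Mozilla/4.0"
203.0.113.9 - - [21/Sep/2001:09:04:31 +0200] "GET /thanks.html HTTP/1.1" 200 512 "http://www.example.com/dl/setup.exe?mirror=2" "Mozilla/4.0"
EOF
}

# Print "ip status pattern field" for each line the string match would hit.
# index() is a literal substring search, like the iptables string match,
# and the rule sees the whole client packet, so the Referer header counts.
dry_run() {
  awk -F'"' '
    function hit(text,   i) {
      for (i = 1; i <= n; i++) if (index(text, pat[i])) return pat[i]
      return ""
    }
    BEGIN { n = split(".exe? .ida", pat, " ") }
    {
      split($1, who, " "); split($3, st, " ")
      if ((p = hit($2)) != "") print who[1], st[1], p, "request"
      if ((p = hit($4)) != "") print who[1], st[1], p, "referer"
    }'
}

# Count hits that Apache answered with 200: requests for real content that
# the REJECT rule would have reset instead.
served_ok_count() {
  awk '$2 == 200 { c++ } END { print c + 0 }'
}

sample_log | dry_run
```

To check a real log, pipe it in place of sample_log; a non-zero served_ok_count means the string also occurs in traffic the server currently answers.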