Re: iptables anti-nimda anyone?
From: Manuel Guesdon (mguesdon+ml@oxymium.net)Date: 09/22/01
- Previous message: dreamwvr@dreamwvr.com: "Re: Tcpdump and 3des packets"
- In reply to: Konrad Michels: "iptables anti-nimda anyone?"
- Next in thread: Trevor Benson: "RE: iptables anti-nimda anyone?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 22 Sep 2001 12:59:27 +0200 (CEST) From: Manuel Guesdon <mguesdon+ml@oxymium.net> Subject: Re: iptables anti-nimda anyone? To: Konrad Michels <konrad@overnetdata.com> Message-Id: <20010922105927.8CE9B75E69@zen.sbuilders.com>
On Wed, 19 Sep 2001 16:26:30 +0100 Konrad Michels <konrad@overnetdata.com> wrote:
>| Hi everyone
>| I don't suppose one of our iptables gurus out there has an iptables rule
>| to filter out this damn nimda thing? I'm really annoyed about it
>| filling up my apache logz and would love to drop the packets 'ere they
>| get to the apache server . . .
You can use iptrap on port 80 of unused IP(s) address(es) to trap requests and generate an iptable rule to reject the source
IP.
iptrap: http://www.jedi.claranet.fr/
With this, we caught more than 5000 hosts during the last 3 days. >99% of them are nimda requests
Manuel
-- ______________________________________________________________________ Manuel Guesdon - OXYMIUM <mguesdon@oxymium.net> 14 rue Jean-Baptiste Clement - 93200 Saint-Denis - France Tel: +33 1 4940 0999 - Fax: +33 1 4940 0998
- Previous message: dreamwvr@dreamwvr.com: "Re: Tcpdump and 3des packets"
- In reply to: Konrad Michels: "iptables anti-nimda anyone?"
- Next in thread: Trevor Benson: "RE: iptables anti-nimda anyone?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
