Re: iptables anti-nimda anyone?
From: Rob 'Feztaa' Park (fezziker@home.com)Date: 09/24/01
- Previous message: José Luis Domingo López: "Re: iptables anti-nimda anyone?"
- In reply to: teo@gecadsoftware.com: "Re: iptables anti-nimda anyone?"
- Next in thread: Bjørn Ruberg: "Re: iptables anti-nimda anyone?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 23 Sep 2001 21:46:44 -0600 (MDT) From: Rob 'Feztaa' Park <fezziker@home.com> To: <teo@gecadsoftware.com> Subject: Re: iptables anti-nimda anyone? Message-ID: <Pine.LNX.4.33L2.0109232145270.20377-100000@feztron.ath.cx>
On Fri, 21 Sep 2001, teo@gecadsoftware.com (dis)graced my inbox with this:
> until the storm gets low I have this:
>
> $IPTABLES -I INPUT -p tcp --dport 80 -m string --string .ida -m state --state ESTABLISHED \
> -j REJECT --reject-with tcp-reset
> $IPTABLES -I INPUT -p tcp --dport 80 -m string --string cmd.exe -m state --state ESTABLISHED \
> -j REJECT --reject-with tcp-reset
> $IPTABLES -I INPUT -p tcp --dport 80 -m string --string root.exe -m state --state ESTABLISHED \
> -j REJECT --reject-with tcp-reset
Unless you actually have exe files that you wish to share with people, I'd
recommend that you just block exe's altogether (like you've done with
ida's).
-- Rob 'Feztaa' Park fezziker@home.com -- Whom computers would destroy, they must first drive mad.
- Previous message: José Luis Domingo López: "Re: iptables anti-nimda anyone?"
- In reply to: teo@gecadsoftware.com: "Re: iptables anti-nimda anyone?"
- Next in thread: Bjørn Ruberg: "Re: iptables anti-nimda anyone?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
