Re: nimbda and other apache attacks
From: Brian Clifton (brian@omegadm.co.uk)Date: 10/26/01
- Previous message: Brian Smith: "Re: nimbda and other apache attacks"
- Maybe in reply to: Brian Clifton: "nimbda and other apache attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Brian Clifton" <brian@omegadm.co.uk> To: focus-linux@lists.securityfocus.com Date: Fri, 26 Oct 2001 19:42:35 +0100 Subject: Re: nimbda and other apache attacks Message-ID: <3BD9BCAB.27188.ADF4C7@localhost>
Thanks for the posts which have all generally said modify the
httpd.conf file as follows:
> SetEnvIf Request_URI "cmd\.exe" ATTACK
> SetEnvIf Request_URI "root\.exe" ATTACK
> CustomLog /path/to/attack.log common env=ATTACK
> CustomLog /path/to/transfer.log common env=!ATTACK
Does anyone know if multiple env variables can be used e.g.
CustomLog /path/to/transfer.log common env=!ATTACK AND env=LOG
It does not say at http://httpd.apache.org/docs/logs.html
Best regards, Brian
=============================================================
Omega Digital Media Ltd
I N T E G R A T E D W E B S O L U T I O N S
Phone: +44 (0) 1444 410202
Fax: +44 (0) 1444 412909
http://www.omegadm.co.uk
=============================================================
Cuckfield House, High Street, Cuckfield, West Sussex RH17 5EL
- Previous message: Brian Smith: "Re: nimbda and other apache attacks"
- Maybe in reply to: Brian Clifton: "nimbda and other apache attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
