Re: Apache attacks
From: Bernie Johnson (bernie_at_e-mich.com)
Date: 01/27/05
- Previous message: Kelly Martin: "SF new article announcement: Mobile Viruses"
- In reply to: Kenny: "Apache attacks"
- Next in thread: Micheal Cottingham: "Re: Apache attacks"
- Reply: Micheal Cottingham: "Re: Apache attacks"
- Reply: bernie_at_e-mich.com: "Re: Apache attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Kenny <kenny@codez.co.uk> Date: Thu, 27 Jan 2005 17:55:06 -0500
Kenny,
Look at www.rfxnetworks.com and get APF, BFD and look at the other
scripts there. This should od what you want and need.
B. Johnson
On Wed, 2005-01-26 at 15:56, Kenny wrote:
> Hi List,
>
> Long time reader, first time poster...
>
> My server crashed yesturday and I had to restart it, to get it going
> again. Now everything seems ok, however looking at my
> /var/log/httpd/access_log.1 shows a visitor to the website posting some
> big chunks of exploit code (containing a massive nop sled).
> How do I know if this attacker actually got in or not?
>
> This is a redhat fedora core 2 box, and I would describe myself as an
> "intermediate" linux user.
>
> Also, has anyone got any scripts that can detect attacks against apache
> and ban the ip for a period of time?
>
> I will post the exploit on request.
>
> Thanks, Kenny
--
- Previous message: Kelly Martin: "SF new article announcement: Mobile Viruses"
- In reply to: Kenny: "Apache attacks"
- Next in thread: Micheal Cottingham: "Re: Apache attacks"
- Reply: Micheal Cottingham: "Re: Apache attacks"
- Reply: bernie_at_e-mich.com: "Re: Apache attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
