Re: Apache attacks
From: Ty Bodell (tebodell_at_gmail.com)
Date: 01/31/05
- Previous message: Omar Khawaja: "bandwidth monitoring based on destination IP address"
- In reply to: Kenny: "Apache attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 31 Jan 2005 14:55:55 -0600 To: Kenny <kenny@codez.co.uk>
Kenny--
Checkout http://www.apachesecurity.net Ivan Ristic has some script
listed for exactly that and a package with the tools you can download.
Lookout for the book too :-)
Goodluck,
Ty Bodell
On Wed, 26 Jan 2005 20:56:52 +0000, Kenny <kenny@codez.co.uk> wrote:
> Hi List,
>
> Long time reader, first time poster...
>
> My server crashed yesturday and I had to restart it, to get it going
> again. Now everything seems ok, however looking at my
> /var/log/httpd/access_log.1 shows a visitor to the website posting some
> big chunks of exploit code (containing a massive nop sled).
> How do I know if this attacker actually got in or not?
>
> This is a redhat fedora core 2 box, and I would describe myself as an
> "intermediate" linux user.
>
> Also, has anyone got any scripts that can detect attacks against apache
> and ban the ip for a period of time?
>
> I will post the exploit on request.
>
> Thanks, Kenny
>
- Previous message: Omar Khawaja: "bandwidth monitoring based on destination IP address"
- In reply to: Kenny: "Apache attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
