Mailinglist Archive: opensuse-security (448 mails)
| < Previous | Next > |
SuSEfirewall2 and nimda
- From: "Ruud H. Koning" <support@xxxxxxxxxxxxxxxxxx>
- Date: Mon, 06 May 2002 13:09:44 +0200
- Message-id: <200205061309440982.0067EC1D@xxxxxxxxxxxx>
Hello, I have installed Suse linux 8 and activated SuSEfirewall2. I would like to black http requests from Nimda/Code Red etc. infected hosts. With iptables this is supposed to be possible with something like
iptables -A block -p tcp --dport http -m state --state
NEW,ESTABLISHED,RELATED \
-m string --string "root.exe" -j LOG --log-prefix "Nimda virus "
iptables -A block -p tcp --dport http -m state --state
NEW,ESTABLISHED,RELATED \
-m string --string "root.exe" -j DROP
Where would I put these commands in the configuration of SuSEfirewall2?
Thanks for any help, Ruud
iptables -A block -p tcp --dport http -m state --state
NEW,ESTABLISHED,RELATED \
-m string --string "root.exe" -j LOG --log-prefix "Nimda virus "
iptables -A block -p tcp --dport http -m state --state
NEW,ESTABLISHED,RELATED \
-m string --string "root.exe" -j DROP
Where would I put these commands in the configuration of SuSEfirewall2?
Thanks for any help, Ruud
| < Previous | Next > |