SuSEfirewall2 and nimda
![](https://seccdn.libravatar.org/avatar/a89cf7044194d52a6063e29bef1685d6.jpg?s=120&d=mm&r=g)
6 May
2002
6 May
'02
11:09
Hello, I have installed Suse linux 8 and activated SuSEfirewall2. I would like to black http requests from Nimda/Code Red etc. infected hosts. With iptables this is supposed to be possible with something like iptables -A block -p tcp --dport http -m state --state NEW,ESTABLISHED,RELATED \ -m string --string "root.exe" -j LOG --log-prefix "Nimda virus " iptables -A block -p tcp --dport http -m state --state NEW,ESTABLISHED,RELATED \ -m string --string "root.exe" -j DROP Where would I put these commands in the configuration of SuSEfirewall2? Thanks for any help, Ruud
8088
Age (days ago)
8088
Last active (days ago)
0 comments
1 participants
participants (1)
-
Ruud H. Koning