Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
Re: [suse-security] Entriy in apache log
  • From: Bob B <n1uan@xxxxxxxxxxxxxxx>
  • Date: Fri, 21 Dec 2001 05:54:49 -0500 (EST)
  • Message-id: <Pine.LNX.4.33.0112210554010.8288-100000@xxxxxxxxxxxxxx>
ok thanks for the info i guess then right now i cant use the script as i
have no idea about ipchains and how or what i would need to do!
thanks
BOB


On Fri, 21 Dec 2001, Rogier Maas wrote:

> The script blocks the hosts by adding them to the ipchains IP filter. You'll
> have to have it in order for it to work. ;-)
>
> When a host is blocked, it cannot surf to your box using port 80 anymore. So
> no more entries or hacking can be done on that port on your box.
>
> Rogier
>
> ----- Original Message -----
> From: "Bob B" <n1uan@xxxxxxxxxxxxxxx>
> To: "Rogier Maas" <icarus@xxxxxxxxxx>
> Cc: <suse-security@xxxxxxxx>; <abaesche@xxxxxxxxxx>
> Sent: Friday, December 21, 2001 11:44
> Subject: Re: [suse-security] Entriy in apache log
>
>
> > do you have to have ipchains running or will this work without it!
> >
> >
> > On Fri, 21 Dec 2001, Rogier Maas wrote:
> >
> > > Yes; Code red.. I wrote myself a little script to block all those hosts
> > > trying certain url's. It's on http://antinimda.hafnet.com for download.
> It
> > > also shows the amount of hosts blocked. It's amazing how many blocks I
> have
> > > already...
> > >
> > > ----- Original Message -----
> > > From: <abaesche@xxxxxxxxxx>
> > > To: <suse-security@xxxxxxxx>
> > > Sent: Friday, December 21, 2001 10:14
> > > Subject: [suse-security] Entriy in apache log
> > >
> > >
> > > > Hi all,
> > > >
> > > > I have this entries in my apache log. Anyone an idear
> > > > what this is?
> > > >
> > > > 203.236.245.154 - - [18/Dec/2001:21:23:54 +0100]
> > > >
> > >
> "GET/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> > >
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> > >
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> > >
> NNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%uc
> > >
> bd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
> > > >
> > > > HTTP/1.0" 404 205
> > > >
> > > > Thanks
> > > >
> > > > Armin
> > > >
> > > >
> > > >
> > > >
> > > > --
> > > > To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> > > > For additional commands, e-mail: suse-security-help@xxxxxxxx
> > > >
> > > >
> > >
> > >
> > > --
> > > To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> > > For additional commands, e-mail: suse-security-help@xxxxxxxx
> > >
> > >
> >
> >
>
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>
>


< Previous Next >
Follow Ups
References