Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
iptables rules for HTML Form Protocol Attack
  • From: "Muammer Arslan" <Muammer.Arslan@xxxxxxxxxxxxx>
  • Date: Thu, 10 Jul 2003 10:14:34 +0200
  • Message-id: <OF7A937F7D.E1D6C0CD-ONC1256D5F.002D42E3@xxxxxxxxxxxxx>
Hi All,

Last days I often see below messages in Apache log files:
1.1.1.1 - - [09/Jul/2003:17:32:00+0200] "POST http://11.1.106.18:25/ HTTP/1.1" 200 475 "-" "-"

I suspect some kind of HTML protocol attack and want to stop this. Can I
do it somehow with IP-Tables as it is already installed on the server or
do you have any other ideas? I use SuSE 8.1 and SuSEfirewall2 with SuSEfirewall2-custom rules.

Thanks for your replies.


Muammer
< Previous Next >