> Angel R Rivera writes:
Angel> how about a way to tell it not to report an ip?? i just
Angel> reported on myself. :)
That feature is in the latest version (1.07), thanks to David Young.
DeWitt>> So *that's* why Reuven has CodeRed.pm CC him on the warning
DeWitt>> emails.
DeWitt
how about a way to tell it not to report an ip?? i just reported
on myself. :)
At 07:32 PM 8/6/2001 -0400, DeWitt Clinton wrote:
>On Tue, Aug 07, 2001 at 08:18:18PM +1000, Cees Hek wrote:
>
> > So what your saying is that you have a list of potentially rooted machines
> > that you are making pub
On Tue, Aug 07, 2001 at 08:18:18PM +1000, Cees Hek wrote:
> So what your saying is that you have a list of potentially rooted machines
> that you are making publically available... Doesn't sound like such a
> good idea to me...
So *that's* why Reuven has CodeRed.pm CC him on the warning emails.
On Mon, 6 Aug 2001, Mark Maunder wrote:
> I have a test system up and running. Anyone want to write a mod_perl handler to
>redirect
> to a warning page if the clients IP is in the list? I'm not really sure which phase
> would be the least intrusive into existing applications.
>
> telnet www.swi
I have a test system up and running. Anyone want to write a mod_perl handler to
redirect
to a warning page if the clients IP is in the list? I'm not really sure which phase
would be the least intrusive into existing applications.
telnet www.swiftcamel.com
Then hit enter and you'll see the l
> What would really help is if all the ISPs out there put filters on their
> routers to catch these requests as close to their source as possible.
Hey. Real quick, this discussion is getting a tad off topic,
but, in terms of security, the ideal way to handle this is and prevent
future
AFAIK most large backbone routers out there dont support application layer
filtering e.g. filtering based on what type of http request it is, or what is
requested. Too much CPU overhead methinks.
Some examples: In the case of the user having a dynamically assigned IP address,
the next person assi
From: Mark Maunder <[EMAIL PROTECTED]>
> Perhaps we should just keep a central database of where the attempts are
> coming from.
> We could even extend it to work like the RBL - connects are not allowed from
> IP's that have attempted the exploit
Would that really help anything? The traffic woul
Perhaps we should just keep a central database of where the attempts are coming from.
We could even extend it to work like the RBL - connects are not allowed from IP's
that have attempted the exploit (an explanation page appears instead of the requested
page) and are listed in our blacklist. That
> > > Anybody know of any module I can use to hit back at these default.ida bozos
> > > (i.e. keep them away from my IP addresses ?). I'm running apache/modperl on
> > > Win32.
> >
> [snip]
> > ::grin:: In the post he mentioned about trashing the kernel on NT so
> > this might be kinda fun...
>
H I,
On Sun, 5 Aug 2001, Sean Chittenden wrote:
> > Anybody know of any module I can use to hit back at these default.ida bozos
> > (i.e. keep them away from my IP addresses ?). I'm running apache/modperl on
> > Win32.
>
[snip]
> ::grin:: In the post he mentioned about trashing the kernel on N
> Anybody know of any module I can use to hit back at these default.ida bozos
> (i.e. keep them away from my IP addresses ?). I'm running apache/modperl on
> Win32.
I remember a post on incidents or bugtraq where someone started
pumping crap data back at the virus and eventually the NT s
12 matches
Mail list logo