Angel R Rivera writes:
Angel how about a way to tell it not to report an ip?? i just
Angel reported on myself. :)
That feature is in the latest version (1.07), thanks to David Young.
DeWitt So *that's* why Reuven has CodeRed.pm CC him on the warning
DeWitt emails.
DeWitt And I
Anybody know of any module I can use to hit back at these default.ida bozos
(i.e. keep them away from my IP addresses ?). I'm running apache/modperl on
Win32.
[snip]
::grin:: In the post he mentioned about trashing the kernel on NT so
this might be kinda fun...
Well you
Perhaps we should just keep a central database of where the attempts are coming from.
We could even extend it to work like the RBL - connects are not allowed from IP's
that have attempted the exploit (an explanation page appears instead of the requested
page) and are listed in our blacklist. That
From: Mark Maunder [EMAIL PROTECTED]
Perhaps we should just keep a central database of where the attempts are
coming from.
We could even extend it to work like the RBL - connects are not allowed from
IP's that have attempted the exploit
Would that really help anything? The traffic would
AFAIK most large backbone routers out there dont support application layer
filtering e.g. filtering based on what type of http request it is, or what is
requested. Too much CPU overhead methinks.
Some examples: In the case of the user having a dynamically assigned IP address,
the next person
What would really help is if all the ISPs out there put filters on their
routers to catch these requests as close to their source as possible.
Hey. Real quick, this discussion is getting a tad off topic,
but, in terms of security, the ideal way to handle this is and prevent
future
I have a test system up and running. Anyone want to write a mod_perl handler to
redirect
to a warning page if the clients IP is in the list? I'm not really sure which phase
would be the least intrusive into existing applications.
telnet www.swiftcamel.com
Then hit enter and you'll see the
On Mon, 6 Aug 2001, Mark Maunder wrote:
I have a test system up and running. Anyone want to write a mod_perl handler to
redirect
to a warning page if the clients IP is in the list? I'm not really sure which phase
would be the least intrusive into existing applications.
telnet
On Tue, Aug 07, 2001 at 08:18:18PM +1000, Cees Hek wrote:
So what your saying is that you have a list of potentially rooted machines
that you are making publically available... Doesn't sound like such a
good idea to me...
So *that's* why Reuven has CodeRed.pm CC him on the warning emails.
how about a way to tell it not to report an ip?? i just reported
on myself. :)
At 07:32 PM 8/6/2001 -0400, DeWitt Clinton wrote:
On Tue, Aug 07, 2001 at 08:18:18PM +1000, Cees Hek wrote:
So what your saying is that you have a list of potentially rooted machines
that you are making
Anybody know of any module I can use to hit back at these default.ida bozos
(i.e. keep them away from my IP addresses ?). I'm running apache/modperl on
Win32.
thanks, Rod
==
This email message may contain the ebola virus.
The sender accepts no
Anybody know of any module I can use to hit back at these default.ida bozos
(i.e. keep them away from my IP addresses ?). I'm running apache/modperl on
Win32.
I remember a post on incidents or bugtraq where someone started
pumping crap data back at the virus and eventually the NT
H I,
On Sun, 5 Aug 2001, Sean Chittenden wrote:
Anybody know of any module I can use to hit back at these default.ida bozos
(i.e. keep them away from my IP addresses ?). I'm running apache/modperl on
Win32.
[snip]
::grin:: In the post he mentioned about trashing the kernel on NT so
13 matches
Mail list logo