Re: Apache vulnerability?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/1/2011 5:07 PM, Alex wrote:
>
> Yes, quite easy. Just doing it manually for now:
>
> # Create the LOGDROP chain
> iptables -N LOGDROP
> iptables -F LOGDROP
> iptables -A LOGDROP -j LOG --log-prefix "LOGDROP "
> iptables -A LOGDROP -j DROP
>
> iptables -j LOGDROP -I INPUT -s<offending_ip>  -d<my_ip>  -p tcp --dport 80
>
> This will log each attempt to syslog, or just replace the LOGDROP in
> the last rule with DROP to avoid the logging.
>
> Best regards,
> Alex

Alex:

Thanks. If you bear with a couple "hopefully-not-too-naive" questions ...

I seems to me that you are saying the actions you wish to stop are from 
"s <offending_ip>" using "-p tcp" ... why the need to specify the 
destination of "-d <my_ip>" (since if this iptables rule is called, it 
must have reached me regardless of my_ip) and "--dport 80" (would there 
be any destination port that I would allow such action from this 
offending_ip to occur on?).

I am seeing in the default F14 iptables:

-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

This looks to me like tcp on dport 22 is allowed and there I would think 
that the minimal change would be to insert a rule before this which says 
"anything from offending_ip via tcp should be rejected".

I'm still trying to get comfortable with iptables and, even though there 
is alot of stuff out there, I'm still working to get the necessary 
critical mass of understanding so it all falls into place. This thread 
looked like a good chance to see if I'm closer to understanding.

Appreciate in advance,
Paul
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux