Re: Am I being to paranoid?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 05/08/2011 10:46 AM, Jason wrote:
> 4. Why does LogWatch show this to me as a 404 , when a rewrite rule is hit and they are re-directed back to themselves? My rules seem to be working, if I try and hit /scripts right now, it does what I expect.
[...]

Because the remote loader is a robot, not a web browser. It is throwing 
stuff at the wall and seeing what sticks. It flat out doesn't care if 
you send back a redirect - it is just looking for a response that 
indicates a vulnerability and anything else is ignored by it.

Redirects are largely ineffective in combating bots hunting for 
exploitable scripts and programs. You would be better off using 
something like Fail2Ban to dynamically update firewall rules against 
detected attackers.

-- 
Benjamin Franz
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux