Re: (c 5.6) Running 2 versions of Apache ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Always Learning wrote:
>
> On Mon, 2011-08-29 at 15:31 -0400, m.roth@xxxxxxxxx wrote:
>
>> Sorry, not a lunatic. Your website's name has been harvested, and added
>> to
>> some black-market commercial or script kiddie toolkit, and it's on
>> infected servers around the world. Take it from me... (I'm a contractor
>> for a US Federal Gov't agency*, and we get *tons*.
>
> It would be nice if Uncle Sam went after the pests.

Please. We don't want "unintended consequences" (as in, you're running
these servers open to the 'Net? Why, you should....)*
>
> The attacks are not automatic. The loony is currently having difficulty
> finding vulnerable IPs and concentrating his efforts on a Japanese
> company with very lax security (7 IPs at the same place so far).

Sounds like that may be their attack vector. I'd expect it to spread.
>
>> Check out fail2ban. It works very nicely.
>
> Mark,
>
>>From http://www.fail2ban.org/wiki/index.php/Main_Page
> it states:
>
> 	Fail2ban scans log files like /var/log/pwdfail
> 	or /var/log/apache/error_log and bans IP that
> 	makes too many password failures. It updates
> 	firewall rules to reject the IP address.
>
> I would like, if possible, to identify the fragments in IP tables and
> instantly block the packets thus preventing them entering the remainder
> of the server. Fail2ban does not do this. My current blocking
> requirement is specialised.

You might want to try it, anyway. It takes care of a *lot* of other
attacks, too.

         mark

* Forgot this on the last post: ObDisclaimer: I do not speak for the US
Federal Gov't, nor for my employer; I speak (and rant) only for myself.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux