Re: (c 5.6) Running 2 versions of Apache ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Mon, 2011-08-29 at 15:52 -0500, Les Mikesell wrote:

> That means he's not very good at it yet.  The ones you need to worry
> about will send quick exploit tests cycling through different
> destinations, that if they succeed will post to a central receiver.
> Then later, likely from a different location, it will send the one
> that attempts to escalate access to root and/or establish a connection
> back for central control.  The point here being that an IP block
> probably won't help much against an exploit that works well enough to
> establish a distributed base.

Thank you for this.

If I can establish an effective block for wrong HTTP requests in
IPtables for incoming port 80 traffic, back-upped by my Apache routine
adding IPs to IPtables or .htacesss file and having screwed down access
and egress for all other traffic, the only other enhancement I need is
SELinux ?

Paul.


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux