On 08/31/11 8:22 AM, Always Learning wrote:
> Looking at your example seems to suggest Fail2Ban is an 'after the
> event' response. I would like to implement 'before the event' filtering
> which prevents, even on the first detected hacking attempt, anything
> reaching HTTPD.

so you want another piece of software to parse the http protocol and analyze the traffic, before passing it on to your web server, which is going to parse the http protocol and deliver content?

good luck with that.

of course, to even consider doing such you would have to, in very precise terms, define exactly what comprises a 'hacking attempt'. do you give this filter a list of all valid URLs and trigger your block on any that aren't on that list?

anyways, the design of such would better be discussed on a security tools mail list as it's a very general topic, there's nothing here even remotely centos specific.

--
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos