Re: Centos VPS Kernel 2.6.35.4 & 'string-less' IP tables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Wed, Aug 31, 2011 at 12:17 PM, John R Pierce <pierce@xxxxxxxxxxxx> wrote:
>> Wrong. Some can be determined by machine searching for 'known' invalid
>> URL strings which are not remotely similar to valid web page names.
>
> there's an infinite number of invalid strings, and only a finite number
> of valid ones.
>
> anyways, your webserver already filters these out, its not going to
> respond to an invalid URL with anything other than '404'.  thats its job.

The idea isn't as crazy as it sounds - expensive firewalls offer the
option to block URLs including known exploits and it is a much faster
way to protect a farm of servers behind it than waiting for the OS
vendor to come up with a service pack to make the servers less
vulnerable.

-- 
  Les Mikesell
   lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux