Re: deny cgi scanner

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: <mailing-lists@xxxxxx>
Subject: Re: deny cgi scanner
From: "Jesper Lund" <jesper@xxxxxxxxxxxxxx>
Date: Tue, 1 Apr 2003 20:17:25 +0200 (CEST)
Cc: <netfilter@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <3E89CD8A.5020007@gmx.ch>
References: <3E89CD8A.5020007@gmx.ch>
Sender: netfilter-admin@xxxxxxxxxxxxxxxxxxx

> does anybody know how to drop packets with
> destination-port 80 after a limit of connections
> has been reached?
> i'd like to deny access for the attacker as soon
> as a cgi-scan has been detected.
>
> is it possible to do that with iptables?

The patch-o-matic module iplimit can do exactly that.

//Jesper

References:
- deny cgi scanner
  - From: Eric Marchionni

Prev by Date: Re: IP TOS based routing
Next by Date: Re: RFC 3514 support?
Previous by thread: Re: deny cgi scanner
Next by thread: RFC 3514 support?
Index(es):
- Date
- Thread

[Index of Archives] [Linux Netfilter Development] [Linux Kernel Networking Development] [Netem] [Berkeley Packet Filter] [Linux Kernel Development] [Advanced Routing & Traffice Control] [Bugtraq]

Powered by Linux