apache and nimbda (fwd)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I found this email interesting so I
forwarding it to the list.

---------- Forwarded message ----------
Date: Tue, 29 Jan 2002 09:43:19 +0100
From: Tommaso Di Donato <t.didonato@sicurweb.it>
To: focus-linux@securityfocus.com
Subject: Re: apache and nimbda

Hi!
You can use iptables on the same machine: if you patch it with the string
patch, you can drop packet with "cmd.exe", "root.exe", "default.ida", and
so on...
Try something like this:

#!/bin/sh
#Put here your external interface
EXT_INT=eth1

iptables -I INPUT -p tcp -i $EXT_INT --dport 80 -m string --string
"/cmd.exe" -j DROP
iptables -A INPUT -p tcp -i $EXT_INT --dport 80 -m string --string
"/root.exe" -j DROP
iptables -A INPUT -m state --state REALTED,ESTABLISHED -j ACCEPT
<and so on>
----------- End Forwarded message ----------

Regards,

David Correa
Public Key http://www.linux-tech.com/linuxtech.gpg
Key fingerprint 7F2C E072 479D 71B4 008B 373E A284 8CDE 7659 F5D8



------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux