Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Securing apache
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
tgoodaire
Tux's lil' helper
Tux's lil' helper


Joined: 31 Jan 2003
Posts: 145
Location: Dartmouth, Nova Scotia, Canada
PostPosted: Tue Mar 25, 2003 12:41 am    Post subject: Securing apache Reply with quote
I have an apache server running, and I'm getting a lot of messages in my logs from worms.

ie. stuff like this:

Code:

- - [24/Mar/2003:16:39:26 -0400] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX


Since this is my server, and it's only going to be used for a bit of development, I'd like to automatically block the IPs of hosts that hit me with commands like that.

What's the best way to do this? I'm guessing, some kind of network intrusion detector that will change my firewall rules on the fly. Any suggestions?
_________________
I bent my wookie.
Back to top
View user's profile Send private message
verbaltoxin
n00b
n00b


Joined: 12 Mar 2003
Posts: 11
Location: Mendon, UT USA
PostPosted: Tue Mar 25, 2003 2:48 am    Post subject: Reply with quote
I don't think that you'd really want an "on the fly" IP blocker. That can lead to troubles and frustration down the line.

You might want to look into this
Dynamic iptables firewalls :
http://www-106.ibm.com/developerworks/library/l-fw/index.html and
http://www.gentoo.org/proj/en/dynfw.xml

Check your logs and manually block those address that offend you.

you can emerge this under net-firewall/dynfw
Back to top
View user's profile Send private message
tgoodaire
Tux's lil' helper
Tux's lil' helper


Joined: 31 Jan 2003
Posts: 145
Location: Dartmouth, Nova Scotia, Canada
PostPosted: Tue Mar 25, 2003 4:39 am    Post subject: Reply with quote
Thanks for the links. I'll look into those for sure.
_________________
I bent my wookie.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy