Security Basics mailing list archives
Re: Apache attacks
From: Ty Bodell <tebodell () gmail com>
Date: Mon, 31 Jan 2005 14:55:55 -0600
Kenny-- Checkout http://www.apachesecurity.net Ivan Ristic has some script listed for exactly that and a package with the tools you can download. Lookout for the book too :-) Goodluck, Ty Bodell On Wed, 26 Jan 2005 20:56:52 +0000, Kenny <kenny () codez co uk> wrote:
Hi List, Long time reader, first time poster... My server crashed yesturday and I had to restart it, to get it going again. Now everything seems ok, however looking at my /var/log/httpd/access_log.1 shows a visitor to the website posting some big chunks of exploit code (containing a massive nop sled). How do I know if this attacker actually got in or not? This is a redhat fedora core 2 box, and I would describe myself as an "intermediate" linux user. Also, has anyone got any scripts that can detect attacks against apache and ban the ip for a period of time? I will post the exploit on request. Thanks, Kenny
Current thread:
- Apache attacks Kenny (Jan 27)
- Re: Apache attacks Bernie Johnson (Jan 27)
- Re: Apache attacks Micheal Cottingham (Jan 28)
- Re: Apache attacks bernie (Jan 28)
- Re: Apache attacks KillKenny (Jan 28)
- Re: Apache attacks Dan Margolis (Jan 28)
- Re: Apache attacks Ty Bodell (Jan 31)
- <Possible follow-ups>
- Re: Apache attacks miguel . dilaj (Jan 31)
- Re: Apache attacks Bernie Johnson (Jan 27)