Security Basics mailing list archives
Re: Apache attacks
From: Bernie Johnson <bernie () e-mich com>
Date: Thu, 27 Jan 2005 17:55:06 -0500
Kenny, Look at www.rfxnetworks.com and get APF, BFD and look at the other scripts there. This should od what you want and need. B. Johnson On Wed, 2005-01-26 at 15:56, Kenny wrote:
Hi List, Long time reader, first time poster... My server crashed yesturday and I had to restart it, to get it going again. Now everything seems ok, however looking at my /var/log/httpd/access_log.1 shows a visitor to the website posting some big chunks of exploit code (containing a massive nop sled). How do I know if this attacker actually got in or not? This is a redhat fedora core 2 box, and I would describe myself as an "intermediate" linux user. Also, has anyone got any scripts that can detect attacks against apache and ban the ip for a period of time? I will post the exploit on request. Thanks, Kenny
--
Current thread:
- Apache attacks Kenny (Jan 27)
- Re: Apache attacks Bernie Johnson (Jan 27)
- Re: Apache attacks Micheal Cottingham (Jan 28)
- Re: Apache attacks bernie (Jan 28)
- Re: Apache attacks KillKenny (Jan 28)
- Re: Apache attacks Dan Margolis (Jan 28)
- Re: Apache attacks Ty Bodell (Jan 31)
- <Possible follow-ups>
- Re: Apache attacks miguel . dilaj (Jan 31)
- Re: Apache attacks Bernie Johnson (Jan 27)