Vulnerability Development mailing list archives

Re: a real way to stop an http based worm

From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Fri, 7 Sep 2001 17:47:44 -0400 (EDT)

On Fri, 7 Sep 2001, Gert-Jan Hagenaars wrote:

Can this be done on the web-proxy boxes that the ISPs have on their
networks?  I.e. dunk anything that looks for "/default.ida?blah"?


yep. reverse proxies can be configured to do this. and cisco ACLs can
already reset/block such connections i believe.

in short a good idea, and one that can already be implemented.

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

Current thread:

a real way to stop an http based worm Gert-Jan Hagenaars (Sep 07)
- Re: a real way to stop an http based worm Jose Nazario (Sep 07)
  - Re: a real way to stop an http based worm abel (Sep 07)
  - Re: a real way to stop an http based worm The Crocodile (Sep 07)