Re: httpd access_logs-security et al

Subject: Re: httpd access_logs-security et al
From: ACME Sales Team (sales@acme-ent.net)
Date: Sat Dec 29 2001 - 20:20:28 AKST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Jan Zumwalt: "RE: Profanity on the List"
• Previous message: Scott Johnson: "Re: OT: HTML help"
• In reply to: W.D.McKinney: "Re: httpd access_logs-security et al"
• Reply: ACME Sales Team: "Re: httpd access_logs-security et al"
• Reply: ACME Sales Team: "Re: httpd access_logs-security et al"

You might want to look at Apache::Nimda. Here's a link:
http://www.keyslapper.org/Nimda/

BTW there is a similar module for CodeRed.

David Loutrel
Operations Manager,
ACME Enterprises Hosting & Design
www.acme-ent.net

Windows, A colorful clown-suit for DOS

----- Original Message -----
From: "W.D.McKinney" <deem@wdm.com>
To: <aklug@aklug.org>
Sent: Saturday, December 29, 2001 5:48 PM
Subject: Re: httpd access_logs-security et al

>
> Well something like this maybe ?
>
> #!/bin/sh
> tail -f /path/to/log/httpd/access_log|gawk '/default.ida|scripts/
> {system("/sbin/route add -host "$1" reject")}'
>
>
>
> William Bouterse <bill@bouterse.com> wrote:
> >
> > After the overwhelming inundation of Nimidia and others and continued
> > bloat of my home server access_logs and the recent malicious cracking
into a member of this lists server, I was wondering....?
> >
> > Where is one of those nice little scripts I remember seeing
> > to bounce back the access attempts returning them to the attention
> > of the administrator of the infected server? Or other suggestions
> > for a realatively non-sophisticated linux user.
> >
> > I have misplaced the email concerning the cracked server and was
wondering
> > what the outcome of it all was and whether or not the members of this
group have a notification process setup whereas any comfirmed exploit is
immediately announced Perhaps "SECURITY ALERT"!!!
> > ...Sometimes the list grows long with various discussions and I for one
have a tendency to skim and sometimes forget which is why I am writing
this....It would be nice to know the details of
> > security issues as it can affect us all both home user and business...
> >
> > I still have not perfected the balance between
> > too much and too little security
> >
> >
> > William Bouterse
> > Talkeetna, Ak.
>
>
> --
> W.D.McKinney (Dee)
> (907)349-4308 (Office)
> (907)349-2226 (Fax)
> http://3519098920
>
>
>

• Next message: Jan Zumwalt: "RE: Profanity on the List"
• Previous message: Scott Johnson: "Re: OT: HTML help"
• In reply to: W.D.McKinney: "Re: httpd access_logs-security et al"
• Reply: ACME Sales Team: "Re: httpd access_logs-security et al"
• Reply: ACME Sales Team: "Re: httpd access_logs-security et al"

This archive was generated by hypermail 2a23 : Sat Dec 29 2001 - 22:57:00 AKST