Re: httpd access_logs-security

Subject: Re: httpd access_logs-security
From: The Alaskan Bear (akbear@akbearsden.com)
Date: Wed Jan 16 2002 - 18:42:52 AKST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: The Alaskan Bear: "Re: httpd access_logs-security"
• Previous message: The Alaskan Bear: "Re: httpd access_logs-security"
• Next in thread: The Alaskan Bear: "Re: httpd access_logs-security"
• Maybe reply: The Alaskan Bear: "Re: httpd access_logs-security"

part 2:

-- 
Ted Montgomery
The Alaskan Bear's Den
akbear@akbearsden.com
Registered Linux User: #253251
907-242-9824
-- There are some things lots of money can buy ... --
 
-- For everything else, there is LINUX ... --
----- Forwarded message from ACME Sales Team <sales@acme-ent.net> -----
You might want to look at Apache::Nimda.  Here's a link:
http://www.keyslapper.org/Nimda/
BTW there is a similar module for CodeRed.
David Loutrel
Operations Manager,
ACME Enterprises Hosting & Design
www.acme-ent.net
Windows, A colorful clown-suit for DOS
----- Original Message -----
From: "W.D.McKinney" <deem@wdm.com>
To: <aklug@aklug.org>
Sent: Saturday, December 29, 2001 5:48 PM
Subject: Re: httpd access_logs-security et al
>
> Well something like this maybe ?
>
> #!/bin/sh
> tail -f /path/to/log/httpd/access_log|gawk '/default.ida|scripts/
> {system("/sbin/route add -host "$1" reject")}'
>
>
>
> William Bouterse <bill@bouterse.com> wrote:
> >
> > After the overwhelming inundation of Nimidia and others and continued
> > bloat of my home server access_logs and the recent malicious cracking
into a member of this lists server, I was wondering....?
> >
> > Where is one of those nice little scripts I remember seeing
> > to bounce back the access attempts returning them to the attention
> > of the administrator of the infected server?  Or other suggestions
> > for a realatively non-sophisticated linux user.
> >
> > I have misplaced the email concerning the cracked server and was
wondering
> > what the outcome of it all was and whether or not the members of this
group have a notification process setup whereas any comfirmed exploit is
immediately announced  Perhaps "SECURITY ALERT"!!!
> > ...Sometimes the list grows long with various discussions and I for one
have a tendency to skim and sometimes forget which is why I am writing
this....It would be nice to know the details of
> > security issues as it can affect us all both home user and business...
> >
> > I still have not perfected the balance between
> > too much and too little security
> >
> >
> > William Bouterse
> > Talkeetna, Ak.
>
>
> --
> W.D.McKinney (Dee)
> (907)349-4308 (Office)
> (907)349-2226 (Fax)
> http://3519098920
>
>
>
----- End forwarded message -----

• Next message: The Alaskan Bear: "Re: httpd access_logs-security"
• Previous message: The Alaskan Bear: "Re: httpd access_logs-security"
• Next in thread: The Alaskan Bear: "Re: httpd access_logs-security"
• Maybe reply: The Alaskan Bear: "Re: httpd access_logs-security"

This archive was generated by hypermail 2a23 : Wed Jan 16 2002 - 18:42:55 AKST