[olug] Apache
Trent Melcher
tmelcher at trilogytel.com
Tue Nov 11 19:45:45 UTC 2003
I use a service-policy on the inbound interfaces of my routers to block
these kind of attacks. This way none of the web servers even see the
packets, they just get dropped in the bit bucket.
Trent
On Tue, 11 Nov 2003, Jon H. Larsen wrote:
>
> Does anyone have any suggestions for dealing with the multitude of IIS
> attacks against an Apache server?
>
> I know there is a mod_rewrite item, but I was looking for a consensus of
> the various techniques that are being employed and what people like the
> most.
>
> I'm getting annoyed at seeing items like this all the time in my logs:
> 12.229.49.123 - - [11/Nov/2003:10:51:08 -0600] "GET
> /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 500 1078 "-"
> "-"
>
> Jon L.
>
>
>
More information about the OLUG
mailing list