[olug] Apache

Trent Melcher tmelcher at trilogytel.com
Tue Nov 11 19:45:45 UTC 2003


I use a service-policy on the inbound interfaces of my routers to block 
these kind of attacks.  This way none of the web servers even see the 
packets, they just get dropped in the bit bucket.

Trent



On Tue, 11 Nov 2003, Jon H. Larsen wrote:

> 
> Does anyone have any suggestions for dealing with the multitude of IIS 
> attacks against an Apache server?
> 
> I know there is a mod_rewrite item, but I was looking for a consensus of 
> the various techniques that are being employed and what people like the 
> most.
> 
> I'm getting annoyed at seeing items like this all the time in my logs:
> 12.229.49.123 - - [11/Nov/2003:10:51:08 -0600] "GET 
> /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 500 1078 "-" 
> "-"
> 
> Jon L.
> 
> 
> 



More information about the OLUG mailing list