[prev in list] [next in list] [prev in thread] [next in thread]
List: incidents
Subject: Nimda and others filter for apache
From: venomous <venomous () RDCREW ! COM ! AR>
Date: 2001-09-25 11:20:17
[Download RAW message or body]
Hi
rdC-nf.c
/* anti nimda (and others) coded by venomous for apache
*
* You just specify the access_log file, this program will see if any ip
* request the urls that you specify on ./rdC-sf.config, if they are found
* they get counted T times.. when count reaches the max permitted, the ip
* is filtered out.
*
* note, if you are going to read the file error_log to see if someone
* requested your forbidden urls, please uncomment the #define
*
* example cfg file:
* # cat rdC-nf.config
* /root.exe
* /cmd.exe
* #
*
* http://www.rdcrew.com.ar - Argentinian Security Group
*/
ps, the file is chequed constantly, and a log is written with the
ip's of the attackers.
You can get it from that url. greets
-venomous
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic