[prev in list] [next in list] [prev in thread] [next in thread] 

List:       incidents
Subject:    Nimda and others filter for apache
From:       venomous <venomous () RDCREW ! COM ! AR>
Date:       2001-09-25 11:20:17
[Download RAW message or body]

Hi

rdC-nf.c

/* anti nimda (and others) coded by venomous for apache
 *
 * You just specify the access_log file, this program will see if any ip
 * request the urls that you specify on ./rdC-sf.config, if they are found
 * they get counted T times.. when count reaches the max permitted, the ip
 * is filtered out.
 *
 * note, if you are going to read the file error_log to see if someone
 *       requested your forbidden urls, please uncomment the #define
 *
 * example cfg file:
 * # cat rdC-nf.config
 * /root.exe
 * /cmd.exe
 * #
 *
 * http://www.rdcrew.com.ar - Argentinian Security Group
 */

ps, the file is chequed constantly, and a log is written with the
ip's of the attackers.


You can get it from that url. greets

-venomous



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

[prev in list] [next in list] [prev in thread] [next in thread]