Re: how to filter this?
From: sam (samwun_at_hgcbroadband.com)
Date: 10/27/04
- Next message: Peter Matulis: "Re: how to filter this?"
- Previous message: David Mayer: "Re: Disabling the password "quality" checking feature"
- In reply to: Peter Matulis: "Re: how to filter this?"
- Next in thread: Peter Matulis: "Re: how to filter this?"
- Reply: Peter Matulis: "Re: how to filter this?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 27 Oct 2004 09:32:56 +0800
Peter Matulis wrote:
> On Mon, 25 Oct 2004 11:04:19 +0800, sam <samwun@hgcbroadband.com>
> wrote:
>
>
>>Last night my website received alot of buffer overflow attacks with the
>>following content:
>>1.2.3.4 - - [25/Oct/2004:10:05:34 +0800] "SEARCH
>>/\x90\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x
>>02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\
>>x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1
>>
>>The apache is has plugins mod_security and mod_filter compiled with.
>>How can I implement rules to filter the above attack?
>
>
> In an apache newsgroup I guess.
Unfortunately I people use dynamic IP which without reverse-lookup
capability is not able to subscribe to apache mailing list.
Sam.
- Next message: Peter Matulis: "Re: how to filter this?"
- Previous message: David Mayer: "Re: Disabling the password "quality" checking feature"
- In reply to: Peter Matulis: "Re: how to filter this?"
- Next in thread: Peter Matulis: "Re: how to filter this?"
- Reply: Peter Matulis: "Re: how to filter this?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
