Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Script Kiddy Defence Script
- Date: Thu, 9 Jun 2005 18:02:47 +0900 (JST)
- From: Joe Larabell <larabell@???>
- Subject: Re: [tlug] Script Kiddy Defence Script
- References: <20050607225949.2fd16669@example.com><20050608094344.91802.qmail@example.com> <20050608191147.613e42b4@example.com>
> Yes, I'm planning to do that. Not sure yet which other attacks are > worth considering... maybe port scans, exploit tests via http... > well, if someone has ideas, let me know. I wrote a short perl script to scan a weblog in real-time looking for the typical IIS exploits. In my case, I was less forgiving, in that I blocked the IP until the following midnight (just because I didn't want to have to deal with counting down timeouts and the like -- just run a cronjob to clear out the SHITLIST chain at midnight every day. It cut down on a lot of crud in the web logs. I'll send you the script if you're interested. In the case of port scans, closing the ports seems to keep the kids out. -- Joe Larabell -- Synopsys VCS Support US: larabell@example.com http://wwwin.synopsys.com/~larabell/ Japan: larabell@?jp
- Follow-Ups:
- Re: [tlug] Script Kiddy Defence Script
- From: Shawn
- Re: [tlug] Script Kiddy Defence Script
- From: Michael Reinsch
- Re: [tlug] Script Kiddy Defence Script
- References:
- [tlug] Script Kiddy Defence Script
- From: Michael Reinsch
- Re: [tlug] Script Kiddy Defence Script
- From: Nguyen Hung Vu
- Re: [tlug] Script Kiddy Defence Script
- From: Michael Reinsch
- [tlug] Script Kiddy Defence Script
- Prev by Date: Re: [tlug] [announcement] Jun 10 TLUG Nomikai Meeting
- Next by Date: Re: [tlug] Script Kiddy Defence Script
- Previous by thread: Re: [tlug] Script Kiddy Defence Script
- Next by thread: Re: [tlug] Script Kiddy Defence Script
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |