web server attack
fbsd_user
fbsd_user at a1poweruser.com
Fri Apr 7 19:20:51 UTC 2006
mod_security is in the ports collection
-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Robert Huff
Sent: Friday, April 07, 2006 3:11 PM
To: freebsd-questions at FreeBSD. ORG
Subject: Re: web server attack
Frank Laszlo writes:
> >> Does anyone know what this is and what I can do to stop it
> >> besides adding the ip address to my firewall block rules?
> >
> > I suppose that someone is trying to exploit mod_proxy to
connect to an
> > SMTP server (that's the "CONNECT 4.79.181.15:25" part), or at
least
> > get HTTP replies back.
>
> Setup mod_security to block that type of request. Any chance you
> can capture some packets and send a link? I'd like to take a look
> at it.
Running apache-2.2, I don't seem to have _security among the
modules. Do I need to change my config (and rebuild), or does it
perhaps go by another name in this version?
Robert Huff
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list