httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gold, Samuel (Contractor)" <Go...@ncr.disa.mil>
Subject RE: [users@httpd] Request !
Date Wed, 03 Sep 2003 13:36:48 GMT
Hi Kannan,

They are not my points, so maybe Geoffrey can shed some light on this
subject.  I know very little about what he was talking about.  But good luck
on finding a solution.


Thanks,
Sam Gold
-----Original Message-----
From: KAN NAN [mailto:kannan_mca@hotmail.com]
Sent: Wednesday, September 03, 2003 9:25 AM
To: users@httpd.apache.org
Subject: RE: [users@httpd] Request !



Hi Mr. Samuel,
I accept your points, Using GID I can very well prevent certain
IP-Addresses, but I dont think this will be a permanent solution for this.
Say for example, Iam providing access only for IP addresses from Europe.
Ofcourse, it will solve the problem if the users are out of Europe, what if
any person from Europe tries to do the same kind of webcrawling.
Please have a look at this url : http://apacheunleashed.com/errata.html,
there it is mentioned that their website is protected from such attacks. I
am still searching for the solution, how to prevent such things.
thanks,
-kannan


 
>From: "Gold, Samuel (Contractor)" 
>Reply-To: users@httpd.apache.org 
>To: "'users@httpd.apache.org'" 
>Subject: RE: [users@httpd] Request ! 
>Date: Wed, 3 Sep 2003 08:22:03 -0400 
> 
>This was sent to the list yesterday by Geoffery. 
> 
>Actually, I would suggest placing a GIDS (gateway IDS) in front of the 
>box. Something like the Inline patches to snort or hogwash would take 
>care of this. A firewall will still allow hostile web traffic through to 
>the web server. However, a GIDS watches the traffic and if a signature 
>is matched it will take action against that traffic - even though the 
>traffic is for a legitimate service. 
> 
>geoffrey 
>-- 
>Geoffrey Bennett 
> 
> 
>Thanks, 
>Sam Gold 
>-----Original Message----- 
>From: KAN NAN [mailto:kannan_mca@hotmail.com] 
>Sent: Wednesday, September 03, 2003 8:24 AM 
>To: users@httpd.apache.org 
>Subject: [users@httpd] Request ! 
> 
> 
>Dear Friends, 
>We have a web-system using Apache web server and Jserv(servlet engine) 
>running on windows 2000. Our system was attempted to hack from some people.

>Iam very sure they were using telnet to access the port 80 of my webserver.

>I really dont know what was their intention. Server started giving Internal

>server error, immediately after their request. It affected us a lot. 
>Can any one tell me how I can prevent such kind of attacks, Or how I can 
>block entire telnet request into my web system. I tried filtering
User-Agent 
>string in the header, it didn't work, I tried using telnet to generate a 
>http request by giving input for User-Agent as Mozilla/4.0....., It 
>accepted, so there is no way that I can filter using User-Agent, they can 
>easily pretend as if the request is from a normal browser. 
> 
>anticipating your replies, 
>-kannan 
> 
> 
> 
>Need a naukri? Your search ends here. 50,000 of the best jobs! 
> 
>--------------------------------------------------------------------- The 
>official User-To-User support forum of the Apache HTTP Server Project. See 
>for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org "

>from the digest: users-digest-unsubscribe@httpd.apache.org For additional 
>commands, e-mail: users-help@httpd.apache.org 
> 
>--------------------------------------------------------------------- 
>The official User-To-User support forum of the Apache HTTP Server Project. 
>See for more info. 
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org 
> " from the digest: users-digest-unsubscribe@httpd.apache.org 
>For additional commands, e-mail: users-help@httpd.apache.org 
> 



Access Hotmail from your mobile now. Click here. 

--------------------------------------------------------------------- The
official User-To-User support forum of the Apache HTTP Server Project. See
for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org "
from the digest: users-digest-unsubscribe@httpd.apache.org For additional
commands, e-mail: users-help@httpd.apache.org 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message