httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Anders Widman <ande...@tnonline.net>
Subject Re: [users@httpd] Re: access log -- GET /scripts/..%%35%63../winnt/system32
Date Sun, 20 Oct 2002 19:52:52 GMT
> rather than filtering the infected server's IP address, is it possible to
> filter its MAC address ?

I  would  think not, as the mac-address is usually not routed onto the
net.

- Anders


> Chris.

>> -----Message d'origine-----
>> De : Lee Grey [mailto:leegrey@mindspring.com]
>> Envoye : dimanche 20 octobre 2002 20:32
>> A : users@httpd.apache.org
>> Objet : RE: [users@httpd] Re: access log -- GET
>> /scripts/..%%35%63../winnt/system32
>>
>>
>> On the other hand, given the fact that so many users have dynamic IP
>> addresses, you are really blocking a number that can't be guaranteed to
>> match the machine it came from at that moment.  The next day or two weeks
>> later, you are probably still vulnerable to the same "attack"
>> from the same
>> infected machine, while having blocked access to your site by whatever
>> innocent machine currently has that IP address.
>>
>> Just a thought.
>>
>> Best wishes,
>> Lee Grey
>> Grey Matter
>> http://www.URLinOne.com
>>
>> -----Original Message-----
>> From: Jeff Beard [mailto:jeff@cyberxape.com]
>> Sent: Sunday, October 20, 2002 2:24 PM
>> To: users@httpd.apache.org
>> Subject: Re: [users@httpd] Re: access log -- GET
>> /scripts/..%%35%63../winnt/system32
>>
>>
>>
>>
>> PeterKorman wrote:
>> [...]
>>
>> > So my question is this: It this sledgehammer I'm using likely
>> to hurt me?
>>
>> No but neither is the worm.
>>
>> --Jeff
>>
>> --
>> Jeff Beard | Systems Architecture, Programming, Management
>> Contact    | jeff at cyberxape dot com, 303.443.9339
>> Location   | In front of the computer, Boulder, CO, USA
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>



> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message