httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Igor Cicimov <icici...@gmail.com>
Subject RE: [users@httpd] Configure httpd not to send responses
Date Mon, 06 Feb 2012 21:31:05 GMT
Then redirect you error pages in the same way too.
 On Feb 7, 2012 5:05 AM, "Andrew Hester" <Andrew.Hester@mouser.com> wrote:

> Thanks for your reply.****
>
> ** **
>
> I could and I have written a small webserver in Python as a test as well.
>   Of course with this I will have to duplicate the functionality of
> mod_evasive also in my code.****
>
> ** **
>
> I am not sure that this benefits me though, because I think that either
>  web server will respond with 404’s and 500’s on error.   The webserver I
> wrote takes the connection and parses info and does not respond with
> content, but if I telnet the port and create an error, I see an error
> message even though it isn’t part of the code I wrote (it must be in the
> library I used).  I believe that I will have the same issue with httpd.***
> *
>
> ** **
>
> ** **
>
> I have a  web application firewall that uses mod_security + ? and it is
> capable of being deployed in this manner.  It receives traffic on a span
> port (mirrored traffic) and it does not respond to the traffic.  It is very
> much like an IDS would consume the traffic but not think that it the
> traffic was really destined for itself and try to serve content.  It has
> other interfaces on other subnets for logging, alerting, etc. but does not
> try to serve the web content requested (as far as I know – have put a
> sniffer on it).****
>
> ** **
>
> ** **
>
> Am I missing something?****
>
> ** **
>
> Thanks,****
>
> Andy ****
>
> ** **
>
> ** **
>
> *From:* Igor Cicimov [mailto:icicimov@gmail.com]
> *Sent:* Friday, February 03, 2012 11:30 PM
> *To:* users@httpd.apache.org
> *Subject:* Re: [users@httpd] Configure httpd not to send responses****
>
> ** **
>
> How about redirecting all the traffic to a cgi script that does nothing?
> Or it might be a script that parses the headers and creates some stats
> files for you.****
>
> On Feb 4, 2012 5:11 AM, "Andrew Hester" <Andrew.Hester@mouser.com> wrote:*
> ***
>
> Hello,****
>
>  ****
>
> I would like to use httpd with mod_remoteip and mod_evasive to provide
> some DoS response for my site.   I might later use mod_security for other
> rules as well.  Because of many reasons the httpd server will will not be
> inline, but instead I intend to mirror traffic to the server for analysis.
> ****
>
>  ****
>
> So, I won’t have any content on the server and do not want 400 or 500
> errors going back to the client but I do want to analyze the requests.  I
> will use a  script to create firewall rules when DoS rules are triggered.*
> ***
>
>  ****
>
>  ****
>
> I have not been able to find any docs on this and I’m not sure what the
> common terminology is for this configuration.   Any tips on how to prevent
> this honeypot-ish server from responding back to real clients would be
> appreciated.****
>
>  ****
>
>  ****
>
> Thanks,****
>
> Andy ****
>
>  ****
>
> ** **
> ------------------------------
>
> This communication, its contents and any file attachments transmitted with
> it are intended solely for the addressee(s) and may contain confidential
> proprietary information.
> Access by any other party without the express written permission of the
> sender is STRICTLY PROHIBITED.
> If you have received this communication in error you may not copy,
> distribute or use the contents, attachments or information in any way.
> Please destroy it and contact the sender.****
>

Mime
View raw message