Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 7 Apr 2006 15:20:44 -0400
From:      "fbsd_user" <fbsd_user@a1poweruser.com>
To:        "Robert Huff" <roberthuff@rcn.com>, "freebsd-questions@FreeBSD. ORG" <freebsd-questions@freebsd.org>
Subject:   RE: web server attack
Message-ID:  <MIEPLLIBMLEEABPDBIEGGEFHHEAA.fbsd_user@a1poweruser.com>
In-Reply-To: <17462.47412.848744.740663@jerusalem.litteratus.org>

next in thread | previous in thread | raw e-mail | index | archive | help
mod_security is in the ports collection

-----Original Message-----
From: owner-freebsd-questions@freebsd.org
[mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Robert Huff
Sent: Friday, April 07, 2006 3:11 PM
To: freebsd-questions@FreeBSD. ORG
Subject: Re: web server attack



Frank Laszlo writes:

>  >> Does anyone know what this is and what I can do to stop it
>  >> besides adding the ip address to my firewall block rules?
>  >
>  > I suppose that someone is trying to exploit mod_proxy to
connect to an
>  > SMTP server (that's the "CONNECT 4.79.181.15:25" part), or at
least
>  > get HTTP replies back.
>
>  Setup mod_security to block that type of request. Any chance you
>  can capture some packets and send a link? I'd like to take a look
>  at it.

	Running apache-2.2, I don't seem to have _security among the
modules.  Do I need to change my config (and rebuild), or does it
perhaps go by another name in this version?


				Robert Huff


_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@freebsd.org"




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MIEPLLIBMLEEABPDBIEGGEFHHEAA.fbsd_user>