Arrg, to bandwith mou !!
Pavlos Parissis
p_pavlos at otenet.gr
Thu Sep 20 21:35:02 EEST 2001
When the time was Wed, 19 Sep 2001 07:35:11 +0000, I.Ioannou wrote....
I.Ioannou->Exei kaneis kana kalo script na kanei ban-out (firewall rules)
I.Ioannou->aytes ths IPs (kai pws ginetai me ta low permissions
I.Ioannou->pou exei o apache ?)
Apo post sthn security-discuss at linuxsecurity.com
I have been adding dirctives like these to cut down on the log size:
SetEnvIfNoCase Request_URI "^/scripts/" nolog
SetEnvIfNoCase Request_URI "^/msadc/" nolog
SetEnvIfNoCase Request_URI "^/_vti_bin/" nolog
SetEnvIfNoCase Request_URI "^/_mem_bin/" nolog
SetEnvIfNoCase Request_URI "^/c/winnt/" nolog
SetEnvIfNoCase Request_URI "^/d/winnt/" nolog
SetEnvIfNoCase Request_URI "^/default.iba" nolog
Redirect gone /scripts/
Redirect gone /msadc/
Redirect gone /_vti_bin/
Redirect gone /_mem_bin/
Redirect gone /c/winnt/
Redirect gone /d/winnt/
Redirect gone /default.ida <<<<afto einai tipografiko lathos tou scott dexter to sosto einai
default.iba
Now add "env=!nolog" to the end of your CustomLog directive, like this:
CustomLog /usr/local/apache/logs/access_log common env=!nolog
David Correa wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Aloha,
>
> I would like to know how sys. admins. (in this list) are dealing with
> the flood of worm related entries on apache logs.
>
> Is there any way to improve the iptables rule set to prevent this flood,
> with out blocking port 80 or denying specific IP's (the list would be
> too big)
>
> Thanks
>
> david
>
Dokimaseto se polous doulepse.
AKoma des ena Dynamic snort log 2 iptables edw http://www.newald.de/dsli/
ELpizw na voithisa.
Filika,
Pavlos
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I love having the feeling of being in control
while i have the sensation of speed
The surfer of life
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More information about the Linux-greek-users
mailing list