I know it's for ssh BUT changing the log file for it look monitor and
the strings it's looking for makes it a very effective little perl
script and works with iptables. Just rename the file to apacheblack.pl
and your golden :P.
Good luck!
Thanks,
Adrian
On Thu, Oct 21, 2010 at 11:40 AM, Kai Witzke <security (at) gaark (dot) de [email concealed]> wrote:
> Hey everybody!
>
> I have some serious problems with flooding attacks to my apache2. No
> problems with logins oder syn floods, just a huge amount of simple
> requests to my server from the same ip. Anyone got a nice howto on that
> or maybe a nice regex prepared for counting such requests and blocking
> the greedy ones?
>
> thanks in advance
> Kai
>
>
>
>
> This list is sponsored by Cenzic
> --------------------------------------
> Let Us Hack You. Before Hackers Do!
> It's Finally Here - The Cenzic Website HealthCheck. FREE.
> Request Yours Now!
> http://www.cenzic.com/2009HClaunch_Securityfocus
> --------------------------------------
>
>
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
I know it's for ssh BUT changing the log file for it look monitor and
the strings it's looking for makes it a very effective little perl
script and works with iptables. Just rename the file to apacheblack.pl
and your golden :P.
Good luck!
Thanks,
Adrian
On Thu, Oct 21, 2010 at 11:40 AM, Kai Witzke <security (at) gaark (dot) de [email concealed]> wrote:
> Hey everybody!
>
> I have some serious problems with flooding attacks to my apache2. No
> problems with logins oder syn floods, just a huge amount of simple
> requests to my server from the same ip. Anyone got a nice howto on that
> or maybe a nice regex prepared for counting such requests and blocking
> the greedy ones?
>
> thanks in advance
> Kai
>
>
>
>
> This list is sponsored by Cenzic
> --------------------------------------
> Let Us Hack You. Before Hackers Do!
> It's Finally Here - The Cenzic Website HealthCheck. FREE.
> Request Yours Now!
> http://www.cenzic.com/2009HClaunch_Securityfocus
> --------------------------------------
>
>
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
[ reply ]