WebApp Sec mailing list archives

Re: fail2ban

From: Adrian J Milanoski <amilanoski () gmail com>
Date: Mon, 25 Oct 2010 21:51:07 -0400

Check out sshbalck.

I know it's for ssh BUT changing the log file for it look at and thestrings it's looking for makes it a very effective little perl script.



Thanks,
Adrian
_________________
Sent from my iPhone

On 2010-10-21, at 11:40 AM, Kai Witzke <security () gaark de> wrote:

Hey everybody!

I have some serious problems with flooding attacks to my apache2. No
problems with logins oder syn floods, just a huge amount of simple

requests to my server from the same ip. Anyone got a nice howto onthat

or maybe a nice regex prepared for counting such requests and blocking
the greedy ones?

thanks in advance
Kai




This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------




This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.

Request Yours Now!http://www.cenzic.com/2009HClaunch_Securityfocus

--------------------------------------

Current thread:

fail2ban Kai Witzke (Oct 25)
- Re: fail2ban Adrian J Milanoski (Oct 25)
  - Re: fail2ban Ryan Dewhurst (Oct 26)
    - Re: fail2ban primehaxor (Oct 26)
- Re: fail2ban Jamuse (Oct 26)
- Re: fail2ban Rafel Ivgi (Oct 26)
- Re: fail2ban Dale Stirling (Oct 26)
- RE: fail2ban Perry B. Whelan (Oct 26)
  - Re: fail2ban robert (Oct 28)
- Re: fail2ban Adrian J Milanoski (Oct 28)
- <Possible follow-ups>
- Re: fail2ban Alexandro Silva (Oct 31)