From: Fabrice MARIE <fabrice@celestix.com>
To: "Joe de Vera Jr." <jhoedv@we-amuse.com>, netfilter@lists.netfilter.org
Subject: Re: Filtering Nimda, Code Red and Code Red II
Date: Wed, 11 Sep 2002 17:58:56 +0800 [thread overview]
Message-ID: <200209111758.56593.fabrice@celestix.com> (raw)
In-Reply-To: <00a601c259ee$57f815c0$6500a8c0@systemsadmin>
On Thursday 12 September 2002 07:52, Joe de Vera Jr. wrote:
> hello fellas,
> can i make use of the iptables scripting to disable the access pages... for
> example for code red it access /default.ida page while in nimda /root.exe
> and cmd.exe
> is there a way to dis allow this..
> thanks
> Joe
Hello,
you really shouldn't use iptables for such purpose as there is no clean
and proper way to it in iptables. iptables is a packet filter. What you
need is an filtering application proxy, in your case a filtering HTTP proxy.
Read-on the mailing archive, and the iptables FAQ if you want to know
the full details.
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown
next prev parent reply other threads:[~2002-09-11 9:58 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-09-09 12:40 Is DIVERT w/o forwarding feasible? Yury Bokhoncovich
2002-09-11 8:16 ` Anders Fugmann
2002-09-11 13:39 ` Yury Bokhoncovich
2002-09-11 14:08 ` Anders Fugmann
2002-09-11 15:37 ` Antony Stone
2002-09-12 4:21 ` Yury Bokhoncovich
2002-09-11 23:50 ` using iptables to filter nimda. code red virus Joe de Vera Jr.
2002-09-13 9:57 ` Martijn Klingens
2002-09-13 10:21 ` Antony Stone
2002-09-11 23:52 ` Filtering Nimda, Code Red and Code Red II Joe de Vera Jr.
2002-09-11 9:21 ` Anders Fugmann
2002-09-11 10:42 ` Maciej Soltysiak
2002-09-11 12:48 ` Antony Stone
2002-09-11 13:59 ` Ramin Alidousti
2002-09-11 14:08 ` Roy Sigurd Karlsbakk
2002-09-11 14:40 ` Ramin Alidousti
2002-09-11 14:50 ` Antony Stone
2002-09-11 14:13 ` Antony Stone
2002-09-11 11:10 ` Martijn Klingens
2002-09-11 9:58 ` Fabrice MARIE [this message]
2002-09-11 12:00 ` Antony Stone
2002-09-12 6:38 ` Torge Szczepanek
2002-09-13 8:28 ` Jozsef Kadlecsik
2003-04-24 11:56 ` Is DIVERT w/o forwarding feasible? Yury Bokhoncovich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200209111758.56593.fabrice@celestix.com \
--to=fabrice@celestix.com \
--cc=jhoedv@we-amuse.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox