on 5/8/2011 10:46 AM Jason spake the following:
Hi All,
I want to know thoughts on if I am being to paranoid/security conscious.
snip
You know what they say;
Just because you are paranoid does not mean that some one is NOT out to get
you!
___
On 5/9/2011 11:09 AM, Scott Silva wrote:
on 5/8/2011 10:46 AM Jason spake the following:
Hi All,
I want to know thoughts on if I am being to paranoid/security conscious.
snip
You know what they say;
Just because you are paranoid does not mean that some one is NOT out to get
you!
I think
Weblabyrinth is another offensive countermeasure that no one had mentioned
yet. It's still pretty new but worth keeping an eye on.
It basically creates a bunch of bogus pages that traps scripts that are
trying to crawl your website. It also logs anything that gets trapped so
you can tie this to
Weblabyrinth is another offensive countermeasure that no one had mentioned yet.
It's still pretty new but worth keeping an eye on.
It basically creates a bunch of bogus pages that traps scripts that are
trying to crawl your website. It also logs anything that gets trapped so you
can tie
Hi All,
I want to know thoughts on if I am being to paranoid/security conscious.
CentOS 5.6, Apache, MySQL, running an Firewall in front of everything and
obviously the built-in firewall on the box. I have ssh on a different port and
starting to use Keys instead of password authentication. I
2011/5/8 Jason slackmoehrle.li...@gmail.com:
Hi All,
I want to know thoughts on if I am being to paranoid/security conscious.
CentOS 5.6, Apache, MySQL, running an Firewall in front of everything and
obviously the built-in firewall on the box. I have ssh on a different port
and starting
quick answer: even paranoids have enemies
On Sun, 8 May 2011, Jason wrote:
So I turned on Apache ReWrite and I created a file and I put in rules like:
(just a small subset)
RewriteCond %{REQUEST_URI} ^/php(.*) [NC,OR]
RewriteCond %{REQUEST_URI} ^/phpmy(.*) [NC,OR]
.snip
2. I know
On 05/08/2011 10:46 AM, Jason wrote:
4. Why does LogWatch show this to me as a 404 , when a rewrite rule is hit
and they are re-directed back to themselves? My rules seem to be working, if
I try and hit /scripts right now, it does what I expect.
[...]
Because the remote loader is a robot,
Hi Russ,
3. Is there a better way to right these rules?
I wrote about my approch some time ago ...
http://orcorc.blogspot.com/2010/06/reading-logs-part-3-run-your-updates.html
Send them safely off your box, and back home
I read your article and It seems we are doing the same thing? Is
At Sun, 8 May 2011 10:46:17 -0700 CentOS mailing list centos@centos.org wrote:
Hi All,
I want to know thoughts on if I am being to paranoid/security conscious.
CentOS 5.6, Apache, MySQL, running an Firewall in front of everything and
obviously the built-in firewall on the box. I have
Robert,
1. Am I being to paranoid by doing this? My logic is they dont belong here
and I could get mad if someone walked up to my apartment and tried jiggling
the door handle to see if it was unlocked.
Well, yes. There is a simplier way -- Apache does have an 'error page'
handler,
-Original Message-
From: centos-boun...@centos.org
[mailto:centos-boun...@centos.org] On Behalf Of Jason
Sent: Sunday, May 08, 2011 15:02
To: CentOS mailing list
Subject: Re: [CentOS] Am I being to paranoid?
Hi Russ,
3. Is there a better way to right these rules?
I
mailing list
Subject: Re: [CentOS] Am I being to paranoid?
Hi Russ,
3. Is there a better way to right these rules?
I wrote about my approch some time ago ...
http://orcorc.blogspot.com/2010/06/reading-logs-part-3-run-your-update
s.html
Send them safely off your box
On Sun, May 08, 2011 at 08:57:23PM +0300, Eero Volotinen wrote:
You should take a look at mod_security: http://www.modsecurity.org/ ,
if provides better ways to block hostile attacks and probes.
Really? 99 lines of untrimmed material for a 2 line reply?
On 5/8/2011 4:53 PM, John R. Dennison wrote:
On Sun, May 08, 2011 at 08:57:23PM +0300, Eero Volotinen wrote:
You should take a look at mod_security: http://www.modsecurity.org/ ,
if provides better ways to block hostile attacks and probes.
Really? 99 lines of untrimmed material for a 2 line
On 08/05/11 23:31, John Hinton wrote:
I know Fail2Ban is not a CentOS standard package, but it would be nice
if we could build a place on the CentOS website where rules could be
shared. Each environment is a bit different and so the rules need to be
adapted. I have found the need for edits
16 matches
Mail list logo