Au inceput sa apara contra-masurile..... http://linuxpr.com/releases/4067.html codeRedKiller achieves these goals with a straightforward PHP script (included) that masquerades as the "defualt.ida" file that CodeRed itself searches out. If a request is made to this file (a PHP script in this case) it simply records the IP address of the offending host (the requestor) to a file. That file is then parsed by a shell script (bash in this case, also included) that simply reads the offending IP addresses and adds a rule to a firewall mechanism to DENY any further requests from the offending hosts (ipchains in this case, but very easily adapted.) The shell script is then set in cron and at a predetermined interval automatically grabs the file of offending hosts, drops them and cleans out the file. Once it is setup it runs on its own and continues to drop offending hosts. --- Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to unsubscribe from this list.
