I really dont understand the point on having the IPs blocked at the Web Server Level and I specially dont believe that blocking a Class A net will do you any good.
If you are having constant "Code Red" or "Nimda" probes on your web boxes, which is the case of everybody here, you should block the request at an IDS Level or a Firewall Level or any other content filtering device placed at the top level of your network. If you want to feel in control, dont go for the addresses, go for the packets =) Sata ----- Original Message ----- From: "Christopher Low" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, October 23, 2001 11:57 PM Subject: What do I need to block class A addresses on win2k > I'm running Omni httpd as my webserver and I'm constantly being attacked by > nimda/code red infected machines, the vast majority seems to be originating > from 210.* which I would simply love to ipsec away. > > ipsec seems to work for class C only. > > The webserver is personal/local and used as a debug site for a few > developers so they will not be affected. > > What software do I need to get? > > Its omnihttpd 2.08, Win 2k pro. > > thanks >
