2010/04/081 728x90 Linux : using iptables string-matching filter to block vulnerability scanners Does "w00tw00t.at.ISC.SANS.DFind:)" sound familiar to you ? If you own one ore more servers, there are a lot of chances you found it in your logs and that it gave you headaches or even nightmares trying unsuccessfully to get rid of it. It always looks like this in your apache logs : 213.251.134.23 [16/Nov/2008:07:43:58] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 213.251.134.23 [16/Nov/2008.. 2010. 4. 8. 이전 1 다음 728x90 728x90
