Hi,
I'm trying find out if there is a way to stop a brute force attack on a Webmail site. I'm trying to setup a webmail access, but I would like to prevent too many invalid logins from the same IP.
I've looked into Snort, but I was wondering if there was an application level firewall that can blacklist an IP for few minutes.
Iptables can prevent ssh attack:
Code:
/sbin/iptables -D INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
/sbin/iptables -D INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSH -j DROP
Can something similar be done for http? Probably not?
since putting my pc online, it keeps getting slower and i dig the logfile to have such a surprise:
this is just one of a many and I beleived it's a bruteforce attack
how do i block this IP 200.41.81.228 from trying to knock my online pc?
my system:
FreeBSD testing.net 6.2-STABLE-JE... (6 Replies)
Double question here ... Running on Debian Etch and Apache 2.0
1) Using mod_proxy and/or mod_proxy_http in apache 2.0.
The basics of using mod_proxy are pretty simple so long as you're using a static config. I'm trying to figure out how to do it dynamically - that is, allow the entry of a... (4 Replies)
Im currently experiancing a brute force attack on my server
Nov 26 15:27:04 ws096 saslauthd: do_auth : auth failure:
Nov 26 15:27:13 ws096 saslauthd: do_auth : auth failure:
Nov 26 15:27:22 ws096 saslauthd: do_auth : auth failure:
Nov 26 15:27:29 ws096... (4 Replies)
About 3 days ago our Apache logs started filling with the following errors:
mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows)
OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified
These initially were... (1 Reply)
Hi,
I have a belkin router installed and a look at the security log has got me worried a little bit.
Security log:
Fri Jan 29 20:41:46 2010
=>Found attack from 68.147.232.199.
Source port is 58591 and destination port is 12426 which use the TCP protocol.
Fri Jan 29 20:41:46 2010 ... (1 Reply)
In my logs I find entries about attacks on my system. I know IP addresses, I know date and time and I know what they tried to do. So what's the best I can do now? Tell everybody that there are cybercriminals on that network? Write an email to their admin? Anything else? (10 Replies)
I want to test the effectiveness of sshguard on some of my systems so I'm trying to write a script that simulates a brute force attack by sending a bunch of different username and password combinations to the servers being tested. So far I have this:
#!/usr/local/bin/expect
set timeout 3... (5 Replies)
Discussion started by: ph0enix
5 Replies
LEARN ABOUT DEBIAN
runapp::apache
RunApp::Apache(3pm) User Contributed Perl Documentation RunApp::Apache(3pm)NAME
RunApp::Apache - Apache control for RunApp
SYNOPSIS
use RunApp::Apache;
$apache = RunApp::Apache->new
(root => "/tmp/apache_run",
report => 1,
apxs => '/usr/local/sbin/apxs',
# httpd => '/usr/local/sbin/httpd',
required_modules => ["log_config", "alias", "perl", "mime"],
config_block => q{
[% IF AP_VERSION == 2 %]
eval { use Apache2 };
eval { use Apache::compat };
[% END %]
<Location /myapp>
AllowOverride None
SetHandler perl-script
PerlSetVar approot [% cwd %]
PerlHandler MyApp
Options +ExecCGI
</Location>
});
DESCRIPTION
This is the class for defining a apache web server to be used in RunApp.
CONSTRUCTOR
new (%arg)
Required arg:
root
The root for the apache instance.
apxs
httpd
If "apxs" is specified, "httpd" will be derived from it.
required_modules
A arrayref to the apache modules required.
config_block
The config block that will be the extra block in the template used by RunApp::Template::Apache.
CTL The class for handling apachectl. The default is RunApp::Control::AppControl. You can also use RunApp::Control::ApacheCtl.
CONF
The class for handling apache config. The default is RunApp::Template::Apache. It is used in the "build" phase of RunApp
SEE ALSO
RunApp, RunApp::Control::Apache, RunApp::Template::Apache, App::Control
AUTHORS
Chia-liang Kao <clkao@clkao.org>
Refactored from works by Leon Brocard <acme@astray.com> and Tom Insam <tinsam@fotango.com>.
COPYRIGHT
Copyright (C) 2002-5, Fotango Ltd.
This module is free software; you can redistribute it or modify it under the same terms as Perl itself.
perl v5.8.8 2008-01-09 RunApp::Apache(3pm)
10-30-2008
