[CentOS] Centos VPS Kernel 2.6.35.4 & 'string-less' IP tables
Les Mikesell
lesmikesell at gmail.comWed Aug 31 17:32:41 UTC 2011
- Previous message: [CentOS] Centos VPS Kernel 2.6.35.4 & 'string-less' IP tables
- Next message: [CentOS] Centos VPS Kernel 2.6.35.4 & 'string-less' IP tables
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, Aug 31, 2011 at 12:17 PM, John R Pierce <pierce at hogranch.com> wrote: >> Wrong. Some can be determined by machine searching for 'known' invalid >> URL strings which are not remotely similar to valid web page names. > > there's an infinite number of invalid strings, and only a finite number > of valid ones. > > anyways, your webserver already filters these out, its not going to > respond to an invalid URL with anything other than '404'. thats its job. The idea isn't as crazy as it sounds - expensive firewalls offer the option to block URLs including known exploits and it is a much faster way to protect a farm of servers behind it than waiting for the OS vendor to come up with a service pack to make the servers less vulnerable. -- Les Mikesell lesmikesell at gmail.com
- Previous message: [CentOS] Centos VPS Kernel 2.6.35.4 & 'string-less' IP tables
- Next message: [CentOS] Centos VPS Kernel 2.6.35.4 & 'string-less' IP tables
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list