On 08/31/11 9:00 AM, Always Learning wrote:
No I do not want "another piece of software to parse the http protocol and analyze the traffic".
IT Tables, in which I have great confidence and trust, can do it.
iptables will filter on packet headers and such at layer 3, it can't and won't analyze the content of packets, regardless of your emotional attachments.
of course, to even consider doing such you would have to, in very precise terms, define exactly what comprises a 'hacking attempt'. do you give this filter a list of all valid URLs and trigger your block on any that aren't on that list?
My definition: a hacking attempt is deliberately, meaning not a typing error, sending an invalid web page request. Obviously one should exclude the 'standard' wrong URLs issued by some software like the M$ Office responses and crossdomain requests.
I said precisely. computers don't understand 'deliberate' vs 'typing error', those are subjective measures.