[CentOS] Centos VPS Kernel 2.6.35.4 & 'string-less' IP tables
John R Pierce
pierce at hogranch.comWed Aug 31 15:41:58 UTC 2011
- Previous message: [CentOS] Centos VPS Kernel 2.6.35.4 & 'string-less' IP tables
- Next message: [CentOS] Centos VPS Kernel 2.6.35.4 & 'string-less' IP tables
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 08/31/11 8:22 AM, Always Learning wrote: > Looking at your example seems to suggest Fail2Ban is an 'after the > event' response. I would like to implement 'before the event' filtering > which prevents, even on the first detected hacking attempt, anything > reaching HTTPD. so you want another piece of software to parse the http protocol and analyze the traffic, before passing it on to your web server, which is going to parse the http protocol and deliver content? good luck with that. of course, to even consider doing such you would have to, in very precise terms, define exactly what comprises a 'hacking attempt'. do you give this filter a list of all valid URLs and trigger your block on any that aren't on that list? anyways, the design of such would better be discussed on a security tools mail list as its a very general topic, there's nothing here even remotely centos specific. -- john r pierce N 37, W 122 santa cruz ca mid-left coast
- Previous message: [CentOS] Centos VPS Kernel 2.6.35.4 & 'string-less' IP tables
- Next message: [CentOS] Centos VPS Kernel 2.6.35.4 & 'string-less' IP tables
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list