Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Possible to ban all connection attempts containing "dll
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Lews_Therin
l33t
l33t


Joined: 03 Oct 2003
Posts: 657
Location: Banned
PostPosted: Tue Jan 13, 2004 8:18 am    Post subject: Possible to ban all connection attempts containing "dll Reply with quote
I'm running an apache2 server, and every day I get several nsisslog.dll entries in my log. Is it possible to simply never acknowledge these connections? IE, if somebody does this the server will time them out. These windows exploits are really annoying.
Back to top
View user's profile Send private message
Janne Pikkarainen
Veteran
Veteran


Joined: 29 Jul 2003
Posts: 1143
Location: Helsinki, Finland
PostPosted: Tue Jan 13, 2004 10:23 am    Post subject: Reply with quote
If you just want to make your logs more readable, you may ignore nsisslog.dll entries by putting something like this to your apache2.conf (well, this works at least with Apache 1.3 which I'm more familiar with :-):

Code:
SetEnvIf Request_URI "*nsisslog.dll" ignored
CustomLog /var/log/apache2/access_log combined env!=ignored


If you want to reject the actual requests, too, so they wouldn't ever be served, then Apache's mod_rewrite allows you to do this. Put something like this to your apache2.conf:

Code:
RewriteEngine On
RewriteRule           *nsisslog.dll      http://some.timeouting.foobar.place [L,R]


Another way is to return something visible to user. For example,

Code:
RewriteEngine On
RewriteRule           *nsisslog.dll       -  [F]


would return error code Forbidden to all urls containing nsisslog.dll.
_________________
Yes, I'm the man. Now it's your turn to decide if I meant "Yes, I'm the male." or "Yes, I am the Unix Manual Page.".
Back to top
View user's profile Send private message
Janne Pikkarainen
Veteran
Veteran


Joined: 29 Jul 2003
Posts: 1143
Location: Helsinki, Finland
PostPosted: Tue Jan 13, 2004 10:25 am    Post subject: Reply with quote
Oh, and more ideas can be found from Apache mod_rewrite guide.
_________________
Yes, I'm the man. Now it's your turn to decide if I meant "Yes, I'm the male." or "Yes, I am the Unix Manual Page.".
Back to top
View user's profile Send private message
Lews_Therin
l33t
l33t


Joined: 03 Oct 2003
Posts: 657
Location: Banned
PostPosted: Wed Jan 14, 2004 11:51 pm    Post subject: Reply with quote
Kickass, thanks. No more annoying log entries.
Back to top
View user's profile Send private message
Janne Pikkarainen
Veteran
Veteran


Joined: 29 Jul 2003
Posts: 1143
Location: Helsinki, Finland
PostPosted: Thu Jan 15, 2004 7:09 am    Post subject: Reply with quote
Great. 8) You're welcome.
_________________
Yes, I'm the man. Now it's your turn to decide if I meant "Yes, I'm the male." or "Yes, I am the Unix Manual Page.".
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy