[linux] apache access log messages
Greg Stark
gdstark at u.washington.edu
Mon Apr 26 11:05:47 PDT 2004
When you say doesn't resolve, do you mean the host doesn't appear to be
up, or that it just doesn't have a DNS record?
greg
K. David Prince wrote:
>Well, there's a problem: This particular address doesn't resolve to
>anything. And, there are new ones coming in every day. What I'm thinking
>is to put a rule on the firewall that basically says: "If this address
>doesn't resolve into something 'real', then block it." Anyone doing this
>kind of thing?
>
>On Mon, 26 Apr 2004, Greg Stark wrote:
>
>
>
>>Id prolly just add
>>
>>ALL: 69.37.133.236
>>
>>to my /etc/hosts.deny file :-) that'll take care of him!
>>
>>Greg
>>
>>K. David Prince wrote:
>>
>>
>>
>>>I'm seeing these messages in one of our logs:
>>>
>>>69.37.133.236 - - [20/Mar/2004:09:49:01 -0800] "SEARCH
>>>/\x90\x02\xb1\x02\xb1<snip>
>>>
>>>Each of these messages can be quite large. What's a good technique for
>>>blocking theses sorts of probes?
>>>
>>>Dave
>>>
>>>
>>>
>>>
>>
>>
More information about the Linux
mailing list