Re: Slapper worm does more than infect

To: debian-security@lists.debian.org
Cc: mmoore@novator.com
Subject: Re: Slapper worm does more than infect
From: Jean Christophe ANDRÉ <jean-christophe.andre@auf.org>
Date: Thu, 10 Oct 2002 14:51:31 +0700
Message-id: <[🔎] 20021010075130.GA1431@virus.home>
In-reply-to: <[🔎] 1034180072.15941.17.camel@warp>
References: <[🔎] 1034180072.15941.17.camel@warp>

	Hi,

Moses Moore écrivait :
> Is there a more efficient way of getting slapper to not grab my webserver
> connections?  I've considered recompiling apache to get rid of the
> "Server:" HTTP response header line completely, but deploying a recompiled
> binary (and recompiling every time) across a web-farm is a drastic
> solution.  I was hoping for something less disruptive.

If you have a computer (let's call it a firewall :)) in front of your web
servers, you may want to use a proxy (no need for caching !) to block bad
request before they get to your web servers.

J.C.

Reply to:

References:
- Slapper worm does more than infect
  - From: Moses Moore <mmoore@novator.com>

Prev by Date: Re: Netstat port list v/s PID
Next by Date: Re: Netstat port list v/s PID
Previous by thread: Re: Slapper worm does more than infect
Next by thread: log_analysis configuration
Index(es):
- Date
- Thread