100 Gigabit Ethernet Forum
100G Ethernet Forum - NG Ethernet Forum

knoll

My online forums are visited by suspicious hosts quite regularly and some nasty visitors were trying to get in by the highlight exploit.

I am currently testing the reaction to a log experiment. Whenever a host sends an unwanted request, I am simply logging it and present it on a seperate page listing the host name, IP, IP port, date and time, the http agent as well as the actual http request URL.
http://www.ng-ethernet.com/ethernet_forum/phpBB_exploit.php

The log is steadily filling up and more importantly is visited by people, who have searched google for (their ?) IPs and host names.

What do you think about such a "means of defence" ?

The used script will get posted for download.

Regards,
Thomas

knoll · Posted: Wed Jul 12, 2006 1:06 am Post subject:

added the filter script here (members only).