On Wed, Aug 31, 2011 at 12:17 PM, John R Pierce <pie...@hogranch.com> wrote: >> Wrong. Some can be determined by machine searching for 'known' invalid >> URL strings which are not remotely similar to valid web page names. > > there's an infinite number of invalid strings, and only a finite number > of valid ones. > > anyways, your webserver already filters these out, its not going to > respond to an invalid URL with anything other than '404'. thats its job.
The idea isn't as crazy as it sounds - expensive firewalls offer the option to block URLs including known exploits and it is a much faster way to protect a farm of servers behind it than waiting for the OS vendor to come up with a service pack to make the servers less vulnerable. -- Les Mikesell lesmikes...@gmail.com _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
