On Tue, Aug 13, 2002 at 09:59:40PM +0300, Official Flamer/Cabal NON-Leader wrote: > Quoth Guy Cohen: > > > Hello, > > > > I'm trying to discarded all those annoying windows unicode breakin attempts, > > iptables -A INPUT -j REJECT -p tcp --dport 80 -m string --string "cmd.exe" > > Since as of iptables v1.2.6a I can find no such match rule or option, I > assume you have developed it yourself. If I am mistaken, please indicate > which version of iptables you are using.
1.2.6a look in README > > > (timeout) the apache logs gets an entry like: > > skript.kid.com - - [06/Aug/2002:14:02:04 +0300] "-" 408 - > > If so, you seem to be letting SOMETHING through - enough to form a TCP > connection (i.e. SYN, SYN+ACK). Could you send tcodump? yup, 3 way handshake goes thru. -- Unix Administration, | http://www.unixadmin.co.il locally and remotely. | [EMAIL PROTECTED] Planning, installation, | Phone: 972-3-6201373 support & upgrades. | Location: Unrestricted ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
