Re: [Fail2ban-users] Regex for SQL injection

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

ah right -- thank you Luigi for the details.  I just took your answer in
the wrong perspective ;)

On Thu, 29 Dec 2011, Luigi Rosa wrote:
> >> You are looking for a WAF, take a look at OpenWAF http://openwaf.org/
> > hm :-/
> modsecurity http://www.modsecurity.org/ or Google "apache waf"

> There are a lot of HTTP attack patterns not logged to access log or error log.
> For instance all the attacks that injects bogous headers; if I remember
> correctly, recent KillApache.pl tool uses this type of vector and a log
> analysis is worthless to block this attack before the damage is done (if
> Apache is vulnerable)

-- 
=------------------------------------------------------------------=
Keep in touch                                     www.onerussian.com
Yaroslav Halchenko                 www.ohloh.net/accounts/yarikoptic