Ping a Specific Port

Question

John Magnolia

Asked: 2011-11-11 04:09:28 +0800 CST2011-11-11 04:09:28 +0800 CST 2011-11-11 04:09:28 +0800 CST

Fail2Ban: what is apache-overflows?

772

I am trying to configure fail2ban for my server and have come across: apache-overflows in the .config

What does it do/protect against?

1 Answers

Voted

Alan Ivey · Answer 1 · 2011-11-11T04:17:23+08:00

Best Answer

Alan Ivey

2011-11-11T04:17:23+08:002011-11-11T04:17:23+08:00

The /etc/fail2ban/filters.d/apache-overflows.conf file may help explain it more:

Notes.: Regexp to catch Apache overflow attempts.

The regex that is being a applied to the log can provide more detail:

failregex = [[]client []] (Invalid method in request|request failed: URI too long|erroneous characters after protocol string)

Certain types of attacks against Apache are done to try and overflow the memory buffer and cause it to crash, effectively creating a denial of service. This filter attempts to detect the attack before it completely overwhelms the web server and then will apply whatever action you specify.

11

Fail2Ban: what is apache-overflows?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?