Forum Discussion
What_Lies_Bene1
Feb 07, 2013Cirrostratus
There's quite a few, I've listed a few simple examples below. Is there something specific you have in mind?
Restrict HTTP Methods
when HTTP_REQUEST {
switch [HTTP::method] {
Exit if method is GET
"GET" { return }
Exit if method is POST
"POST" { return }
Reject any other request methods
default { reject }
}
}
Mitigate Code Red & Nimda
when HTTP_REQUEST {
set requri [string tolower [HTTP::uri]]
switch –glob $requri {
"*default.ida*" –
"*cmd.exe*" –
"*root.exe*" –
"*admin.dll*" {
Drop the request silently
drop }
}
}