Forum Discussion
6 Replies
Sort By
- Yoda_34023NimbostratusHi I just merged the Nimda and CodeRed scripts into one and check the syntax was ok on my LTM.
- hooleylistCirrostratusHi grimish,
when HTTP_REQUEST { set uri [string tolower [HTTP::uri]] if { ($uri contains "default.ida") or ($uri contains "cmd.exe") or ($uri contains "root.exe") or ($uri contains "admin.dll") }{ log local0. "client: [IP::client_addr], requested [HTTP::host]$uri and was discarded" discard } else {pool livepool} }
when HTTP_REQUEST { set uri [string tolower [HTTP::uri]] if { not ( [string tolower [HTTP::header Host]] contains "mysite.com" ) or ( ($uri contains "default.ida") or ($uri contains "cmd.exe") or ($uri contains "root.exe") or ($uri contains "admin.dll")) }{ log local0. "client: [IP::client_addr], requested [HTTP::host]$uri and was discarded" discard } else {pool livepool} }
- Yoda_34023NimbostratusHi Aaron,
- Yoda_34023NimbostratusHi Aaron,
- song_chi_woon_1NimbostratusThe above contents are defenses tech for Nimda,codred etc.
- hooleylistCirrostratusCan you give a bit more detail on what you're trying to block with an iRule?