shellshock probing
mex
nginx-forum at nginx.us
Wed Apr 1 20:50:49 UTC 2015
hi cole,
if implemetable you couldd use naxsi https://github.com/nbs-system/naxsi
for this, there exists a rule to detect and block
shellshock-exploit-attempts:
MainRule "str:() {" "msg:Possible Remote code execution through Bash
CVE-2014-6271" "mz:BODY|HEADERS" "s:$ATTACK:8" id:42000393 ;
see -> http://spike.nginx-goodies.com/rules/view/42000393
there is also an extended ruleset available
-> https://bitbucket.org/lazy_dogtown/doxi-rules
cheers,
mex
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,257792,257796#msg-257796
More information about the nginx
mailing list