월별 글 목록: 2015년 9월월

Centos5 Apache module using mod_evasive

해외에서 자동툴을 이용하여 공격시도를 조금이나마 방어를 해보기 위해 설치진행

Apache moduel중에서 mod_evasive 설치하여 방어를 최소나마 막기위함.

Centos5에서 yum install 로 모듈설치가 가능하다고는 웹문서에 나와있으나 진행불가 확인

다른 웹페이지에서 rpm 패키지를 다운로드받아 설치

-패키지 설치 :  rpm -Uvh 패키지네임

cd /etc/httpd/conf.d

vi evasive.conf (수정하거나, 기본 설정으로 사용해도 무방함.)

다만 웹서버에 이미지가 많거나, 접속량이 많은경우 적절하게 수정 필요 – blocklist가 많이 쌓여 로그 관리 필요

블로그 원문 사이트 : http://www.zdziarski.com/blog/?page_id=442

[에러발생 및 해결]

Sep 21 22:48:01 www mod_evasive[21267]: Couldn’t open logfile /var/log/httpd/evasive/dos-188.40.23.253: Permission denied

디렉토리 evasive 실행권한 부여 ( 775 -> 770으로 변경 )

Sep 21 23:00:14 www mod_evasive[25072]: Blacklisting address 185.23.49.9: possible DoS attack.

Centos End-Of-Life_201601 Update

Centos End-Of-Life

 

CentOS Linux Version

Minor release

CD and DVD ISO Images

Packages

Release Email

Release Notes

End-Of-Life

 

7

7 (1511)

Rolling: DVD, Minimal, Everything (checksums) | Mirrors: x86_64

RPMs

CentOS

CentOS RHEL

30 June 2024

 

6

6.7

i386 x86_64

RPMs

CentOS

CentOS RHEL

30 Nov 2020

 

5

5.11

i386 x86_64

RPMs

CentOS

CentOS RHEL

31 Mar 2017**

 

End-Of-Life

In general every release receives bugfixes, feature enhancements and new hardware support until 4 years after general availability, and security fixes until 7 years after general availability (beginning with CentOS Linux 5, this period has been extended from 4 to approx. 7 and from 7 to 10 years {assuming the upstream sources remain available for ten years})

For more information about the support life cycle of CentOS Linux, take a look at Red Hat’s Errata Support Policy page.

Basically, if source is released publicly upstream, the CentOS Project will build and release updates for as long as possible. We have done this for all previous versions and will for all future versions.

<!> Please note Red Hat’s policy on Production Phase 3, which normally starts at the 7 year point. In that phase, only those security updates deemed crucial are released in this phase. It is recommended that you plan to upgrade before this point whenever possible.

Ref : https://wiki.centos.org/Download