[Oisf-users] GeoIP And wp-login.php Bruteforce
Peter Manev
petermanev at gmail.com
Wed Sep 17 05:07:22 UTC 2014
> On 16 sep 2014, at 23:27, Eoin Miller <eoin.miller at trojanedbinaries.com> wrote:
>
>> On 9/16/14 7:15 PM, Mesra.net CEO wrote:
>> Dear All,
>>
>> My Suricata 2.0.3 compile with libgeoip, so I’m looking a rules to DROP any access out of Japan to wp-login.php file, so how to go about it?
>
Some geoip info -
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/GeoIP
The rule example in the link above is not optimal for your case though.
> Handle it in the webserver.
>
> http://dev.maxmind.com/geoip/legacy/mod_geoip2/
>
> -- Eoin
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> OISF: http://www.openinfosecfoundation.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20140917/86459c9c/attachment-0002.html>
More information about the Oisf-users
mailing list