Search found 2 matches
- 26 Jun 2019, 13:28
- Forum: General Discussion (csf)
- Topic: How to block stagefright DOS attack based on agent type
- Replies: 1
- Views: 2561
Re: How to block stagefright DOS attack based on agent type
Used the following mod_security rule to block, successful SecRule REQUEST_HEADERS:User-Agent "@rx (?:stagefright)" "msg:'stagefright blocked',phase:1,log,id:7777771,t:none,block,status:403" I use Cpanel so it was easy to do it in WHM-Security Center - ModSecurityâ„¢ Tools - Add Rul...
- 26 Jun 2019, 06:13
- Forum: General Discussion (csf)
- Topic: How to block stagefright DOS attack based on agent type
- Replies: 1
- Views: 2561
How to block stagefright DOS attack based on agent type
The server is receiving repeated connections which are like DOS attempts which seem to be generated from some exploit, possibly Android Stagefright, blocking IP addresses does not seem to help as new IPs appear everyday, this is resulting in heavy use of bandwidth. See sample logs below. Please advi...