[Emerging-Sigs] Nginx
RPG
inittab at jtan.com
Wed Mar 26 13:21:44 EST 2008
I'm all for it but I'd recommend adding a threshold to it.
Matt Jonkman wrote:
> There's been some discussion f late about the incredibly high percentage
> of nginx instances that serve malware. Storm and the RBN like to use it
> quite often.
>
> But it's not 100% hostile. (I'd guess 90%)
>
> I'd like to put a rule up for it, just put it in th epolicy section and
> call it suspicious. Anyone have a better idea?
>
> matt
>
More information about the Emerging-sigs
mailing list