On Mon, 2001-10-15 at 00:29, Alvaro Reguly wrote: > On 14 Oct 2001, Christian Wendt wrote: > > > On Sam, 2001-10-13 at 22:37, Alvaro Reguly wrote: > > > > > I think about the most "intelligent" way to filter all those out would > > be protocoll matching... > > > > with iptables it's possible to search packets for strings... (not in the > > kernel, needs patch-o-matic) (I'd advice to only search in SYN > > packets... could be CPU Hog) > > Where do I find this patch? http://netfilter.samba.org/ is the home of the iptables& netfilter kernel patches... The page got a intersting story 'bout a security flaw in kernel 2.4 iptables. MFG, Christian Wendt
Attachment:
pgpYNQhsnqHOV.pgp
Description: PGP signature