also sprach Giacomo Mulas <firstname.lastname@example.org> [2004.10.20.1452 +0200]: > no, but you can obtain the real tarpit(TM) effect, and you don't > have any processes left sleeping. Anyway, it was just a suggestion > I did not mean to criticize anybody's work. the real tarpit effect actually establishes a connection, not just DROP it. so no, iptables would not give a real tarpit effect. but i guess one could just drop non-SYN packages? this would definitely be preferable than having the PAM module sleep away. the question is when these rules are removed though... -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <email@example.com> : :' : proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
Description: Digital signature