[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ipchains DENY question



also sprach Richard Hector <rhector@actrix.gen.nz> [2002.12.07.0030 +0100]:
> I'm not saying it's a bad idea; I'm just saying I don't know how to do
> it. Any suggestions?

snort.

and i'd go as far as to log everything that the firewall drops and
then add rules to drop certain packets without logging them before.
i.e. if you receive a lot of requests for port 137, block that one
without a log, then block everything else afterwards.

-- 
Please do not CC me! Get a proper mailer instead: www.mutt.org
 
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, and user
`. `'`
  `-  Debian - when you have better things to do than fixing a system
 
NOTE: The public PGP keyservers are broken!
Get my key here: http://people.debian.org/~madduck/gpg/330c4a75.asc

Attachment: pgpj8UtrBuM6P.pgp
Description: PGP signature


Reply to: