--- In [email protected], Brad Campbell <[EMAIL PROTECTED]> wrote:
>
> sangbsy wrote:
>
> > Hi Brad,
> >
> > Is it possible to Drop dissimilar packets continuously coming from a
> > particular IP or connection to the firewall? In situations like
> > somebody tries port scans etc.
> >
>
> There are some bits of software out there that set up logging hooks into your firewall (via the -j
> LOG) target and scanning the syslog that then place defensive firewall rules in place if they detect
> you are being scanned or ddos'd. How paranoid are you? Frankly I think they are more trouble than
> they are worth.
>
> You can do a quick and dirty by rate limiting your connection to 1 per xx seconds with a burst, and
> anything over that gets dropped on the floor. That may be useful if you are on a fast connection.
>
> Anything for home use, it's not worth the effort except it may confuse the port scanner. Frankly
> when I want to scan someone I use syn scans and never more than 1 per 30 secs. Not likely to raise
> a peep on a firewall alarm.
>
> Brad
> --
> "Human beings, who are almost unique in having the ability
> to learn from the experience of others, are also remarkable
> for their apparent disinclination to do so." -- Douglas Adams
>
Thanks Brad.
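
Added example, not part of the original thread: a simplified Python model of the token bucket behind a `-m limit` ACCEPT rule followed by a DROP, run over constructed packet timelines to show what the "rate limit with a burst" approach from the quoted reply does and does not catch. The 6/minute rate, the burst of 5, the source labels and the traffic patterns are assumed values chosen for illustration.

```python
# Simplified model (an assumption, not netfilter source code) of a rule pair like:
#   iptables -A INPUT -p tcp --syn -m limit --limit 6/minute --limit-burst 5 -j ACCEPT
#   iptables -A INPUT -p tcp --syn -j DROP
# The limit match keeps one bucket per rule, shared by every source address.
from collections import Counter

def simulate(packets, period_s, burst):
    """packets: iterable of (arrival_second, source_label) with integer seconds.

    Credit is counted in seconds: the bucket starts full (burst * period_s),
    refills one second of credit per elapsed second up to that cap, and each
    accepted packet costs period_s. Returns (accepted, dropped) Counters
    keyed by source label.
    """
    cap = burst * period_s
    credit, last = cap, None
    accepted, dropped = Counter(), Counter()
    for t, src in sorted(packets):
        if last is not None:
            credit = min(cap, credit + (t - last))
        last = t
        if credit >= period_s:
            credit -= period_s
            accepted[src] += 1
        else:
            dropped[src] += 1
    return accepted, dropped

PERIOD_S, BURST = 10, 5                              # 6/minute, burst 5 (assumed)
# Constructed timelines of SYN arrivals, (second, source label):
FAST_SWEEP = [(t, "sweep") for t in range(100)]      # 1 per second
SLOW_PROBE = [(t * 30, "slow") for t in range(100)]  # 1 per 30 seconds
CLIENT = [(t, "client") for t in (15, 45, 75)]       # legitimate connections

def run_scenarios():
    return {
        "fast": simulate(FAST_SWEEP, PERIOD_S, BURST),
        "slow": simulate(SLOW_PROBE, PERIOD_S, BURST),
        "shared": simulate(FAST_SWEEP + CLIENT, PERIOD_S, BURST),
    }

if __name__ == "__main__":
    for name, (acc, drop) in run_scenarios().items():
        print(f"{name:7s} accepted={dict(acc)} dropped={dict(drop)}")
```

In this model the fast sweep is mostly dropped, the probe paced at 1 per 30 seconds never exhausts the bucket, and the legitimate client loses its connections while the sweep is running because the bucket is shared.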
