On 8 Jan 2003, Ben Barrett wrote: <snip> > > and if he is gonna have a go at you, I suggest running snort > (http://www.snort.org/), or a packet dump (http://tcpdump.org/) if you > know exactly when he sets fire (packet dumps can get huge, watch out). > Plus you could also let iptables log relevant activities decorated with keywords of your choice. See also Cory's notes about tightly secured workstations: http://www.euglug.org/stateful_firewalling.tgz and here is what I saw about how iptables can handle certain DoS attacks: http://lists.netfilter.org/pipermail/netfilter/2001-April/010202.html or more general here: http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO.html (see ' -m limit ' (plus details) for logs)
- Horst _______________________________________________ Eug-LUG mailing list [EMAIL PROTECTED] http://mailman.efn.org/cgi-bin/listinfo/eug-lug
