On Wed, 22 Dec 1999, Davis Ford wrote:

> This may have already been mentioned, but take a look at a program called
> portsentry (find it on freshmeat).
> It will detect when someone runs a port scan on you, and then it will
> automatically drop them into hosts.deny file, or better yet, it will add a
> rule to ipchains which will automatically block their IP from accessing your
> system.  It has great logging features, as well.

So, if you're portscanned with spoofed addresses from the root 
nameservers, your system will happily DoS itself?  

(AIR, IPChains is going away soon (2.4), I'd double-check before I built 
infrastructure that needed it.  2.4 will increase the performance of 
multi-homed Linux boxes significantly.)  

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
[EMAIL PROTECTED]      which may have no basis whatsoever in fact."
                                                                     PSB#9280

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
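
The failure mode raised in the reply (a scan alert with a forged source address turning into a block on something the host depends on) can be guarded against before any block rule is written. The sketch below is an added example, not part of the original message and not portsentry's own logic; `BlockPolicy`, its parameters, the `handshake_completed` flag supplied by the detector, and all addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
import time

# Constructed sample: addresses this host must never block (assumed to be its
# upstream resolvers, default gateway and a management range).
NEVER_BLOCK = [ipaddress.ip_network(n) for n in
               ("192.0.2.53/32", "192.0.2.1/32", "198.51.100.0/28")]


class BlockPolicy:
    """Decides whether one scan alert may become a temporary block."""

    def __init__(self, never_block, ttl=600, max_blocks=100):
        self.never_block = list(never_block)
        self.ttl = ttl                # seconds until a block expires on its own
        self.max_blocks = max_blocks  # cap so a spoofed flood cannot fill the table
        self.blocks = {}              # ip -> expiry timestamp

    def expire(self, now):
        # Drop every block whose expiry time has been reached.
        self.blocks = {ip: t for ip, t in self.blocks.items() if t > now}

    def on_scan_alert(self, src, handshake_completed, now=None):
        """Return 'block' or 'log-only:<reason>' for a single alert."""
        now = time.time() if now is None else now
        self.expire(now)
        ip = ipaddress.ip_address(src)
        if any(ip in net for net in self.never_block):
            return "log-only:protected-address"
        if not handshake_completed:
            # A bare SYN or UDP probe proves nothing about who sent it.
            return "log-only:source-unverified"
        if ip not in self.blocks and len(self.blocks) >= self.max_blocks:
            return "log-only:block-table-full"
        self.blocks[ip] = now + self.ttl
        return "block"

    def is_blocked(self, src, now):
        self.expire(now)
        return ipaddress.ip_address(src) in self.blocks
```

Only a `block` result would be handed to whatever writes the actual filter rule; every `log-only` result still leaves the alert in the logs for review.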
