On Tue, 12 Mar 2002, Poul-Henning Kamp wrote:
> Here is something I miss a lot: > > I would like a small program which can listen to a specified divert(4) > socket and act on the incoming packets. > > Specifically I want to direct all unwanted trafic from my ipfw rules > into the divert socket and have the program examine these packets > and when configured thresholds were exceeded take actions like: > > Add a blackhole route for a period of time to the source > IP to prevent any packets getting back to the attacker. > > Add a blocking ipfw rule for incoming trafic from the > attackers IP# for some period of time. > > Add a divert ipfw rule for incoming trafic from the > attackers IP# to capture all the tricks he is trying to > do. > > Log the received packets in detail in pcap format files. > > Report the packets to Dshield.org Reroute/rewrite all my outgoing port 25 mail to some magic smart host over an userland ssh connection. Dw To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message