On Tue, 12 Mar 2002, Poul-Henning Kamp wrote:
> Here is something I miss a lot:
>
> I would like a small program which can listen to a specified divert(4)
> socket and act on the incoming packets.
>
> Specifically I want to direct all unwanted trafic from my ipfw rules
> into the divert socket and have the program examine these packets
> and when configured thresholds were exceeded take actions like:
>
> Add a blackhole route for a period of time to the source
> IP to prevent any packets getting back to the attacker.
>
> Add a blocking ipfw rule for incoming trafic from the
> attackers IP# for some period of time.
>
> Add a divert ipfw rule for incoming trafic from the
> attackers IP# to capture all the tricks he is trying to
> do.
>
> Log the received packets in detail in pcap format files.
>
> Report the packets to Dshield.org
Reroute/rewrite all my outgoing port 25 mail to some
magic smart host over an userland ssh connection.
Dw
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
