John Desmond wrote:
> Victor-
>
> Could psentry be used to deny those nasty DNS floods?
> i.e., let LRP build its own rule set as the flood
> occurs? I don't remember it being mentioned in
> relation to DNS flooding.
> Seems like it would be an elegant solution and mostly
> automagical.
Port Sentry should not see this traffic if the firewall
denies it. Deny drops it in the bit bucket and it should
not get through to psentry. Psentry can be a flexible
SECOND line of defense. I think esb2 is open for UDP port
53 packets for dnscache.
_______________________________________________
Leaf-user mailing list
http://lists.sourceforge.net/lists/listinfo/leaf-user