Hi Ivan,
It should work well, but just remember that it will not block any unidirectional packet (like udp). The route null will only deny the responses back to the blocked host... When you do your active response script, please share it with us :) Thanks, -- Daniel B. Cid dcid ( at ) ossec.net On 2/13/07, Ivan Lotina <[EMAIL PROTECTED]> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I was thinking about creating new command for active response. Simple route add to null route. Any pros/cons for that kind of denying access ? Regards, Ivan -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (MingW32) iD8DBQFF0gC6ZGbJE+hoXVURAg+0AKCJKn7rEm7dSP8rV6HygCc0IO2SGgCfY4sv HY1dSEawm2jO/YnyYlk7rdE= =xOH0 -----END PGP SIGNATURE-----
