Can Ossec do DDOS protection? How can we set rule where if there are too many requests/connection say "200"from same IP of any kind let it be http,smtp,ftp,ssh etc it block the IP for 'x' time.
Thanks Regards, DM
- [ossec-list] Fine tune syslog_rules.xml Rule 1002 Steve West
- [ossec-list] Re: Fine tune syslog_rules.xml Rule 1002 Daniel Cid
- [ossec-list] DDOS protection deltamails
- [ossec-list] Re: DDOS protection Daniel Cid
- [ossec-list] Re: Fine tune syslog_rules.xml Rule 1002 Steve West
- [ossec-list] Re: Fine tune syslog_rules.xml Rule 1002 Steve West
