Face, pentru ca poate trimite RST-uri :> > nu cred ca snort face si filtrare. nu ar fi fost rau :D > ----- Original Message ----- > From: "Cristian Bica" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, July 07, 2003 1:04 PM > Subject: [rlug] Re: SSH/Telnet Filtre. > > >> >> ai putea sa incerci snort(www.snort.org). din cate imi amintesc facea >> niste matchuri pe stringuri care le scotea din packete .... >> >> On Monday 07 July 2003 13:47, you wrote: >> > daca nu cunosti pe ce porturi ruleaza ssh in "partea cealalta" >> > poti pune accept pe acele porturi pe care vrei sa le lasi deschise >> > e.x. 80, 25 , etc ... si reject pe celelalte (insa sshd -p 80 ...) >> > >> > Irimia Suleapa said: >> > > ... presupun ca nu cunosc ce port ssh/telnet este deschis pe masina >> > > respectiva >> > > >> > > ----- Original Message ----- >> > > From: "Andrei Stanescu" <[EMAIL PROTECTED]> >> > > To: <[EMAIL PROTECTED]> >> > > Sent: Monday, July 07, 2003 1:23 PM >> > > Subject: [rlug] Re: SSH/Telnet Filtre. >> > > >> > >> iptables -I FORWARD -s 192.168.0.0/24 --dport 22,23 -j ...... >> > >> >> > >> ----- Original Message ----- >> > >> From: "Irimia Suleapa" <[EMAIL PROTECTED]> >> > >> To: <[EMAIL PROTECTED]> >> > >> Sent: Monday, July 07, 2003 12:47 PM >> > >> Subject: [rlug] SSH/Telnet Filtre. >> > >> >> > >> > Salut. >> > >> > Sa zicem situatia urmatoare: >> > >> > >> > >> > SERVER ------------- NAT --------------- RETEA (192.168.0.10, >> > >> > 11, 12) EXT-10.10.10.1 >> > >> > INT-192.168.0.1/24 >> > >> > >> > >> > 1. Cum as putea filtra toate pachetele ce vin din retea catre >> > >> > orice >> > >> >> > >> destinatie pe orice port deschis tip ssh sau telnet ? >> > >> >> > >> > Numai bine. >> >> -- >> Cristian Bica >> ------------- >> Take interest in your future.It's where you're >> going to spend the rest of your life." >> >> > >
-- Sorin CONSTANTINESCU [EMAIL PROTECTED] Linux Registered User #222086
