On Fri, 5 Dec 2003 00:24:12 +
Jez Hancock [EMAIL PROTECTED] wrote:
Hi,
I've blocked a dozen or so addresses using ipfilter:
block in quick on fxp0 from 208.186.60.116 to any
block in quick on fxp0 from 216.230.149.11 to any
etc
but I still see a lot of traffic those hosts in
Hi Horio,
Cheers for reply.
On Fri, Dec 05, 2003 at 07:33:49PM +0900, horio shoichi wrote:
On Fri, 5 Dec 2003 00:24:12 +
Jez Hancock [EMAIL PROTECTED] wrote:
Hi,
I've blocked a dozen or so addresses using ipfilter:
block in quick on fxp0 from 208.186.60.116 to any
block in
On Friday 05 December 2003 11:58, Jez Hancock wrote:
Let me rephrase that one :P I meant is there a method - for example
such as adding some kind of routing via arp - so that packets are
dropped on the floor even quicker than they would be via the firewall
method?
You could bind the ip's to
On Fri, Dec 05, 2003 at 01:10:16PM +0100, Melvyn Sopacua wrote:
On Friday 05 December 2003 11:58, Jez Hancock wrote:
Let me rephrase that one :P I meant is there a method - for example
such as adding some kind of routing via arp - so that packets are
dropped on the floor even quicker
, 5 December 2003 23:41
To: [EMAIL PROTECTED]
Subject: Re: ipfilter traffic blocking and tcpdump snort etc
On Fri, Dec 05, 2003 at 01:10:16PM +0100, Melvyn Sopacua wrote:
On Friday 05 December 2003 11:58, Jez Hancock wrote:
Let me rephrase that one :P I meant is there a method
On Sat, Dec 06, 2003 at 12:01:09AM +1100, David wrote:
Maybee an upgrade of apache would be a good start?. and have a look at
mod_bandwidth http://www.cohprog.com/mod_bandwidth.html and mod_dosevasive
http://www.nuclearelephant.com/projects/dosevasive/
I upgrade manually using portupgrade
On Fri, 5 Dec 2003 10:58:39 +
Jez Hancock [EMAIL PROTECTED] wrote:
Hi Horio,
Cheers for reply.
On Fri, Dec 05, 2003 at 07:33:49PM +0900, horio shoichi wrote:
On Fri, 5 Dec 2003 00:24:12 +
Jez Hancock [EMAIL PROTECTED] wrote:
Hi,
I've blocked a dozen or so addresses
Hi,
I've blocked a dozen or so addresses using ipfilter:
block in quick on fxp0 from 208.186.60.116 to any
block in quick on fxp0 from 216.230.149.11 to any
etc
but I still see a lot of traffic those hosts in trafshow, snort and
other packet capturing utils. Why is this?
Is there any