subject:"ipfilter traffic blocking and tcpdump snort etc"

Re: ipfilter traffic blocking and tcpdump snort etc

2003-12-05 Thread horio shoichi

On Fri, 5 Dec 2003 00:24:12 + Jez Hancock [EMAIL PROTECTED] wrote: Hi, I've blocked a dozen or so addresses using ipfilter: block in quick on fxp0 from 208.186.60.116 to any block in quick on fxp0 from 216.230.149.11 to any etc but I still see a lot of traffic those hosts in

Re: ipfilter traffic blocking and tcpdump snort etc

2003-12-05 Thread Jez Hancock

Hi Horio, Cheers for reply. On Fri, Dec 05, 2003 at 07:33:49PM +0900, horio shoichi wrote: On Fri, 5 Dec 2003 00:24:12 + Jez Hancock [EMAIL PROTECTED] wrote: Hi, I've blocked a dozen or so addresses using ipfilter: block in quick on fxp0 from 208.186.60.116 to any block in

Re: ipfilter traffic blocking and tcpdump snort etc

2003-12-05 Thread Melvyn Sopacua

On Friday 05 December 2003 11:58, Jez Hancock wrote: Let me rephrase that one :P I meant is there a method - for example such as adding some kind of routing via arp - so that packets are dropped on the floor even quicker than they would be via the firewall method? You could bind the ip's to

Re: ipfilter traffic blocking and tcpdump snort etc

2003-12-05 Thread Jez Hancock

On Fri, Dec 05, 2003 at 01:10:16PM +0100, Melvyn Sopacua wrote: On Friday 05 December 2003 11:58, Jez Hancock wrote: Let me rephrase that one :P I meant is there a method - for example such as adding some kind of routing via arp - so that packets are dropped on the floor even quicker

RE: ipfilter traffic blocking and tcpdump snort etc

2003-12-05 Thread David

, 5 December 2003 23:41 To: [EMAIL PROTECTED] Subject: Re: ipfilter traffic blocking and tcpdump snort etc On Fri, Dec 05, 2003 at 01:10:16PM +0100, Melvyn Sopacua wrote: On Friday 05 December 2003 11:58, Jez Hancock wrote: Let me rephrase that one :P I meant is there a method

Re: ipfilter traffic blocking and tcpdump snort etc

2003-12-05 Thread Jez Hancock

On Sat, Dec 06, 2003 at 12:01:09AM +1100, David wrote: Maybee an upgrade of apache would be a good start?. and have a look at mod_bandwidth http://www.cohprog.com/mod_bandwidth.html and mod_dosevasive http://www.nuclearelephant.com/projects/dosevasive/ I upgrade manually using portupgrade

Re: ipfilter traffic blocking and tcpdump snort etc

2003-12-05 Thread horio shoichi

On Fri, 5 Dec 2003 10:58:39 + Jez Hancock [EMAIL PROTECTED] wrote: Hi Horio, Cheers for reply. On Fri, Dec 05, 2003 at 07:33:49PM +0900, horio shoichi wrote: On Fri, 5 Dec 2003 00:24:12 + Jez Hancock [EMAIL PROTECTED] wrote: Hi, I've blocked a dozen or so addresses

ipfilter traffic blocking and tcpdump snort etc

2003-12-04 Thread Jez Hancock

Hi, I've blocked a dozen or so addresses using ipfilter: block in quick on fxp0 from 208.186.60.116 to any block in quick on fxp0 from 216.230.149.11 to any etc but I still see a lot of traffic those hosts in trafshow, snort and other packet capturing utils. Why is this? Is there any

Re: ipfilter traffic blocking and tcpdump snort etc

Re: ipfilter traffic blocking and tcpdump snort etc

Re: ipfilter traffic blocking and tcpdump snort etc

Re: ipfilter traffic blocking and tcpdump snort etc

RE: ipfilter traffic blocking and tcpdump snort etc

Re: ipfilter traffic blocking and tcpdump snort etc

Re: ipfilter traffic blocking and tcpdump snort etc

ipfilter traffic blocking and tcpdump snort etc

8 matches

Site Navigation

Mail list logo

Footer information