On 10/5/05, Alex de Kruijff [EMAIL PROTECTED] wrote:
On Thu, Sep 29, 2005 at 11:45:42AM -0400, Bob Johnson wrote:
In FreeBSD 5.4R, I tried an IPFW configuration that includes something
like this (plus a lot of other rules):
check-state
deny tcp from any to any established
On 10/5/05, jmulkerin [EMAIL PROTECTED] wrote:
How about using snort and guardian.Guardian.pl will add a ipfw rule
each time it sees an alert from Snort. You'll need to adjust the snort
rules for what you want to alert on but its a pretty safe and
lightweight asset. (just my novice 2
On Thu, Sep 29, 2005 at 11:45:42AM -0400, Bob Johnson wrote:
In FreeBSD 5.4R, I tried an IPFW configuration that includes something
like this (plus a lot of other rules):
check-state
deny tcp from any to any established
allow log tcp from any to ${my-ip} dst-port 22 setup limit
How about using snort and guardian.Guardian.pl will add a ipfw rule
each time it sees an alert from Snort. You'll need to adjust the snort
rules for what you want to alert on but its a pretty safe and
lightweight asset. (just my novice 2 cents...)
John
Alex de Kruijff wrote:
On Thu,
On Mon, Sep 20, 2004 at 10:27:22PM -0500, Eric F Crist wrote:
IPFW used to log all entries with the 'log' included in the rule, but
randomely, to me, anyways, stopped doing so. I can't seem to get it to
continue logging.
Does anyone have any insight? I'm running FreeBSD 4.10 from about
On Mon, Sep 20, 2004 at 10:27:22PM -0500, Eric F Crist wrote:
Hello all,
I may no longer be subscribed, as I've had some mail server problems (I
moved), so please reply to me, as well.
IPFW used to log all entries with the 'log' included in the rule, but
randomely, to me, anyways,