Re: [SLUG] ssh scan and iptables

Tue, 19 Apr 2005 05:42:34 -0700



Richard Neal wrote: 
A security tool called LIDS comes to mind also you can get snort to edit
the firewall rules when certain rules are met.

http://www.snort.org

http://www.lids.org/

There are many "intrusion detection systems" for Linux around some can
change the firewall rules on the fly when set rules are met like snort
or LIDS.

On Tue, 2005-04-19 at 19:20, Gottfried Szing wrote:


does somebody of you have a better idea for this? maybe calling an script
which adds an iptables rule with an expiration?

I think you can also "mark" the packets and then have them handled in userspace - probably the same idea.


thanks, gottfried 


Regards
Richard Neal

________________________________________________________________________
Kryten Cat: "Hey, I got it! We laser our way through!?"
Kryten: "Ah, an excellent suggestion, Sir, with just two minor
drawbacks. One, we don't have a power source for the lasers, and two, we
don't have any lasers."
   - Cat and Kryten, White Hole ( Red Dwarf )

________________________________________________________________________


--
Howard.
LANNet Computing Associates - Your Linux people <http://lannet.com.au>
--
When you just want a system that works, you choose Linux;
When you want a system that just works, you choose Microsoft.
--
Flatter government, not fatter government;
Get rid of the Australian states.

begin:vcard
fn:Howard Lowndes
n:Lowndes;Howard
org:LANNet Computing Associates
adr:;;PO Box 1174;Lavington;NSW;2641;Australia
email;internet:howard [AT] lowndes [DOT] name
tel;work:02 6040 0222
tel;fax:02 6040 0222
tel;cell:0419 464 430
note:I am heartily sick and tired of telemarketers, therefore I do not answer phone calls which do not present Caller Line Identification, they get flicked to voicemail.  I apologise if this inconveniences you, and I respect your right to not identify yourself, but I also ask that you respect my right to not answer your call if you choose not to identify yourself.  Try dialing 1832 (#32# from mobiles) before the number, to present Caller Line Identification.
x-mozilla-html:FALSE
url:http://www.lannet.com.au
version:2.1
end:vcard


-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Reply via email to