From: GreenX FreeBSD
Date: Mon, 15 May 2006 16:28:03 +0400
To: Kian Mohageri, freebsd-pf@freebsd.org
Subject: Re: promt solution with max-src-conn-rate
Message-ID: <446873D3.7090703@azimut-tour.ru>
References: <44680266.2090007@azimut-tour.ru>

Kian Mohageri wrote:
> you're probably trying to use this on a port where nothing is listening.

Yes, I understand that, and I wrote about it in my letter. I am thinking about how to make it work on a port that is not listening. It is certainly possible simply to redirect to some responding service. But for this purpose a foreign service is also necessary.

> I'd advise against what you're trying to do. It won't make your box
> more secure.

Why? Quite simply, you will not get to ssh any more. If I am not mistaken, the probability that the scanner will begin its check with the "key" port, and then immediately check sshd, is equal to 1 / (0xFFFF*0xFFFE). If he does not do this, he can be caught by max-src-conn-rate on the public services, and a forward can be set up for him from all ports to ssh localhost.

Best regards,
GreenX.