From owner-freebsd-questions  Wed Jan 16 13:59:26 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mail.dra.com (mail.dra.com [192.65.218.159])
	by hub.freebsd.org (Postfix) with ESMTP id 7139B37B405
	for <freebsd-questions@FreeBSD.ORG>; Wed, 16 Jan 2002 13:59:24 -0800 (PST)
Received: from stlmail.dra.com (stlmail.dra.com [192.65.218.119])
	by mail.dra.com (8.9.1/8.9.1) with ESMTP id PAA25973
	for <freebsd-questions@FreeBSD.ORG>; Wed, 16 Jan 2002 15:59:23 -0600 (CST)
Received: by stlmail.dra.com with Internet Mail Service (5.5.2653.19)
	id <CWXJK8LA>; Wed, 16 Jan 2002 15:59:08 -0600
Message-ID: <DC32C8CEB3F8D311B6B5009027DE5AD503D20793@stlmail.dra.com>
From: Eric Six <erics@sirsi.com>
To: freebsd-questions@FreeBSD.ORG
Subject: Blocking hosts in realtime via an IDS
Date: Wed, 16 Jan 2002 15:59:08 -0600
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain;
	charset="iso-8859-1"
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Is there a way in realtime to take attacks logged by snort and have a
bsd machine block that host? ie blackhole the host from all
responses. Linux has this functionality with iptables...


Cheers,
Eric



-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBPEX3gMbzOHaBcCrEEQJCUgCg0HFC1z5QG0gPp+TyG7/kqykVWEEAoOaY
Zx+mnxRihiDEVtes1pm2ivXS
=DQ4o
-----END PGP SIGNATURE-----

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message