Date: Mon, 03 Oct 2005 18:16:16 -0400 From: Nicolas Blais <nb_root@videotron.ca> To: freebsd-ipfw@freebsd.org Subject: Automatically add attacks to deny list? Message-ID: <200510031816.26658.nb_root@videotron.ca>
next in thread | raw e-mail | index | archive | help
--nextPart1772521.q7IQKDRMf0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Hi, Whenever someone tries a portscan or http server vulnerability scan on my=20 system, I have to manually add their ip in my /etc/ipfw.conf file such as: add 100 deny all from xx.xxx.xxx.xxx to any Is there a way, without enabling blackhole, to dynamically add ips to my=20 blacklist after a certain packet/sec limit or some other way? Thanks, Nicolas. =2D-=20 =46reeBSD 7.0-CURRENT #0: Sat Oct 1 11:51:38 EDT 2005 =20 root@clk01a:/usr/obj/usr/src/sys/CLK01A=20 PGP? : http://www.clkroot.net/security/nb_root.asc --nextPart1772521.q7IQKDRMf0 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQBDQa26z38ton5LGeIRAoShAJ953c/SFiptCjK7K1rdiM4s+JgKnQCeLiau yYqIdNmnzev3W/AZJDi3DVI= =o/K0 -----END PGP SIGNATURE----- --nextPart1772521.q7IQKDRMf0--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200510031816.26658.nb_root>