Date: Mon, 3 Oct 2005 15:26:45 -0700 (PDT) From: Colin Dick <cdick@mail.ocis.net> To: Nicolas Blais <nb_root@videotron.ca> Cc: freebsd-ipfw@freebsd.org Subject: Re: Automatically add attacks to deny list? Message-ID: <Pine.LNX.4.58.0510031521100.9819@mail.ocis.net> In-Reply-To: <200510031816.26658.nb_root@videotron.ca> References: <200510031816.26658.nb_root@videotron.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi all, There is a program called tcpsentry... doesn't it have the ability to do this? -- Colin On Mon, 3 Oct 2005, Nicolas Blais wrote: > Hi, > > Whenever someone tries a portscan or http server vulnerability scan on my > system, I have to manually add their ip in my /etc/ipfw.conf file such as: > add 100 deny all from xx.xxx.xxx.xxx to any > > Is there a way, without enabling blackhole, to dynamically add ips to my > blacklist after a certain packet/sec limit or some other way? > > Thanks, > Nicolas. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.58.0510031521100.9819>