From owner-freebsd-net@FreeBSD.ORG Tue Dec 7 10:09:29 2004
Date: Tue, 7 Dec 2004 13:16:08 GMT
From: "Sami"
To: freebsd-net@freebsd.org
Message-Id: <1102425368.94900@loyalness.com>
Subject:

Hi,

(sorry for the last long mail)

I have a problem with D.o.S and DD.o.S attacks.
I wonder if someone has already written, or knows about, a module that works like pop_before_smtp: it watches /var/log/security, and if it sees that in the past 30 seconds many packets were received for an IP, it unbinds it (ifconfig em0 ip delete), tracks the list of unbound IPs, and tries to re-add the IP again after 5 minutes (for example).

Thanks in advance,
Sami
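
The watcher described in the message, sketched as an added example that is not part of the original mail or of any existing FreeBSD module: it counts logged packets per destination address over a 30-second sliding window, marks the address for removal, and schedules it to be re-added 5 minutes later. The ipfw log line layout, the threshold of 5, the /32 alias used to re-add, and the sample log lines are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timezone
WINDOW, HOLD = 30, 300   # seconds, both taken from the message
THRESHOLD = 5            # assumption: logged packets per window that count as "many"
IFACE = "em0"
# Assumed ipfw log layout: "<date> <host> kernel: ipfw: <rule> <action> <proto> <src> <dst> in via <if>"
LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ kernel: ipfw: \d+ \w+ \S+ \S+ ([\d.]+)(?::\d+)? in via (\S+)")

def parse(line, year=2004):
    # Returns (epoch_seconds, destination_ip), or None for lines that do not match.
    m = LINE.match(line)
    if not m or m.group(3) != IFACE:
        return None
    ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
    return ts.replace(tzinfo=timezone.utc).timestamp(), m.group(2)

def plan(lines):
    # Walks a chronological log and returns [(time, "unbind" | "rebind", ip)].
    seen = defaultdict(deque)    # ip -> timestamps still inside the window
    unbound = {}                 # ip -> time at which it is re-added
    actions = []
    for now, ip in filter(None, map(parse, lines)):
        for held, until in sorted(unbound.items(), key=lambda kv: kv[1]):
            if until <= now:     # a real daemon would use a timer, not the next log line
                actions.append((until, "rebind", held))
                del unbound[held]
        if ip in unbound:
            continue             # address is already off the interface
        q = seen[ip]
        q.append(now)
        while q[0] <= now - WINDOW:
            q.popleft()
        if len(q) >= THRESHOLD:
            unbound[ip] = now + HOLD
            actions.append((now, "unbind", ip))
            q.clear()
    return actions

def command(action, ip):
    # Removal follows the form in the message; the /32 alias used to re-add is an assumption.
    tail = f"{ip} delete" if action == "unbind" else f"inet {ip} netmask 255.255.255.255 alias"
    return f"ifconfig {IFACE} {tail}"

# Constructed sample: five packets to 192.0.2.10 within 5 s, then unrelated traffic.
SAMPLE = [f"Dec  7 13:16:0{s} gw kernel: ipfw: 500 Deny UDP 198.51.100.{s}:4000 192.0.2.10:53 in via em0"
          for s in range(1, 6)]
SAMPLE += [f"Dec  7 13:{t} gw kernel: ipfw: 500 Deny TCP 198.51.100.9:4000 192.0.2.11:80 in via em0"
           for t in ("16:20", "22:00")]
```

`plan(SAMPLE)` yields the actions in order; passing each to `command()` gives the ifconfig line a wrapper would run. Addresses still held when the log ends are not re-added here, so a long-running version needs its own timer.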