From owner-freebsd-net@FreeBSD.ORG Fri Jan 16 11:07:46 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 582F8106566B for ; Fri, 16 Jan 2009 11:07:46 +0000 (UTC) (envelope-from dimitar.vassilev@gmail.com) Received: from yw-out-2324.google.com (yw-out-2324.google.com [74.125.46.31]) by mx1.freebsd.org (Postfix) with ESMTP id 0FA108FC0C for ; Fri, 16 Jan 2009 11:07:45 +0000 (UTC) (envelope-from dimitar.vassilev@gmail.com) Received: by yw-out-2324.google.com with SMTP id 9so614613ywe.13 for ; Fri, 16 Jan 2009 03:07:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=14xsknLyYlaDbyLPjDyM8V/DFUKGYXv7Y56dBVxkgzI=; b=J/5l6aVCCbOvtP1fEhW1qFd9+O990W81xTFzCipTJVkGd6mJZx73oy5BUVU3JjFzJB 32D+Tbo3CQ0qWMWHVmdZmevtXhnCjC0FmEsKmVJ3q3VBbcWpA1+Hr+wGgpNczDth4rKI 9bP8iVNGNwmoB3WXyONj4PmuE7Gy28B6p0o4k= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=PzFtbNkrp3NkQRFmZesK0l4Gk1k70R9AhspBrAPjs9h9NKw603SogU9oa85SJUSEn2 WcXbQmkRSfyzzgGsHeLiP4CVLJG0JXTzP1ET4aavp6QH/IfmCGTUDndOEFko2CvbYNm4 TTEE1SoJswlCQDhAc4w2Xfz13pXq5XwxC5cc0= MIME-Version: 1.0 Received: by 10.150.139.8 with SMTP id m8mr3573818ybd.99.1232103176290; Fri, 16 Jan 2009 02:52:56 -0800 (PST) In-Reply-To: References: Date: Fri, 16 Jan 2009 12:52:56 +0200 Message-ID: <59adc1a0901160252w2f4c47bbs66db4ab377024784@mail.gmail.com> From: Dimitar Vasilev To: Vlad GALU Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org, Ivo Vachkov , Alexey Ivanov Subject: Re: TARPIT for pf/ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Jan 2009 11:07:46 -0000 see spamd for mail and you may use the don't peer list of sbl . 2009/1/16 Vlad GALU > This particular iptables module keeps the incoming connection up and > running, but it sends ACKs advertising a window size of 0 bytes, so > that the remote end can't send any data until the local process has > decided it's ok to do so. Basically it's used to slow down spammers > and worms. > > On Fri, Jan 16, 2009 at 11:31 AM, Ivo Vachkov > wrote: > > what does TARPIT do ? > > > > On Fri, Jan 16, 2009 at 11:20 AM, Alexey Ivanov wrote: > >> Is there any command identical to: > >> iptables -A INPUT -p tcp -m tcp -dport 80 -j TARPIT > >> > >> If no, does anyone ever tried to implement this feature? > >> > >> _______________________________________________ > >> freebsd-net@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-net > >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >> > > > > > > > > -- > > "UNIX is basically a simple operating system, but you have to be a > > genius to understand the simplicity." Dennis Ritchie > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > > > > > -- > ~/.signature: no such file or directory > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >