* [LARTC] PSD
@ 2002-03-01 20:16 Roberto Campos
  2002-03-02 13:17 ` bert hubert
  0 siblings, 1 reply; 2+ messages in thread
From: Roberto Campos @ 2002-03-01 20:16 UTC (permalink / raw)
  To: lartc

Hi,

I've been listening to the list for the last 3 months and
I'm using iptables, ip, tc, etc... and learning to love it.

Now I've read about an experimental netfilter "psd" that needs
a patch and that can detect inbound port scans with rules like:

iptables -t nat -A PREROUTING -i eth0 -d x.x.x.x -m psd -j DROP

Then I see "iplimit" (-m iplimit), also experimental, and the best
one is that patch that allows us to filter based on the content
of the packet (-m string).

Questions:

Are these still experimental?
If so, are they supposed to go into real kernel soon?

And last but not least:

How can I implement all these rules?
Is there a patch for all of them or do I have to patch
each one of them?
I'm starting from a RH 7.2 vanilla kernel, are there any places
where I can find cook recipes on how to implement them?
Which machine (processor/memory) holds all of them working for
a 2 Mgs internet connection?

Thanks in advance for your time.

Roberto Campos
____________________________________________
Meu Provedor Tecnologias e Informática Ltda.
Rua Camerino, 128 Grs. 302
Centro - Rio de Janeiro - RJ - CEP 20080-010
Tel.: 55 21 25181011 (PABX/FAX)
Mobile phone: 55 21 91978284

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/


* Re: [LARTC] PSD
  2002-03-01 20:16 [LARTC] PSD Roberto Campos
@ 2002-03-02 13:17 ` bert hubert
  0 siblings, 0 replies; 2+ messages in thread
From: bert hubert @ 2002-03-02 13:17 UTC (permalink / raw)
  To: lartc

On Fri, Mar 01, 2002 at 05:16:36PM -0300, Roberto Campos wrote:
> Hi,
> 
> I've been listening to the list for the last 3 months and
> I'm using iptables, ip, tc, etc... and learning to love it.
> 
> Now I've read about an experimental netfilter "psd" that needs
> a patch and that can detect inbound port scans with rules like:
> 
> iptables -t nat -A PREROUTING -i eth0 -d x.x.x.x -m psd -j DROP
> 
> Then I see "iplimit" (-m iplimit), also experimental, and the best
> one is that patch that allows us to filter based on the content
> of the packet (-m string).

The iptables people have a very good list, see about it on
http://www.netfilter.org/

I would gladly help you, but I just don't know - the people there do.

Regards,

bert

-- 
http://www.PowerDNS.com          Versatile DNS Software & Services
http://www.tk                              the dot in .tk
http://lartc.org           Linux Advanced Routing & Traffic Control HOWTO