From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Roberto Campos"
Date: Fri, 01 Mar 2002 20:16:36 +0000
Subject: [LARTC] PSD
Message-Id:
List-Id:
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
To: lartc@vger.kernel.org

Hi,

I've been listening to the list for the last 3 months and I'm using iptables, ip, tc, etc. and learning to love it.

Now I've read about an experimental netfilter "psd" that needs a patch and that can detect inbound port scans with rules like:

    iptables -t nat -A PREROUTING -i eth0 -d x.x.x.x -m psd -j DROP

Then I see "iplimit" (-m iplimit), also experimental, and the best one is that patch that allows us to filter based on the content of the packet (-m string).

Questions:

Are these still experimental? If so, are they supposed to go into the real kernel soon?

And last but not least: How can I implement all these rules? Is there a patch for all of them or do I have to patch each one of them? I'm starting from a RH 7.2 vanilla kernel; are there any places where I can find cookbook recipes on how to implement them? Which machine (processor/memory) holds all of them working for a 2 Mgs internet connection?

Thanks in advance for your time.

Roberto Campos
____________________________________________
Meu Provedor Tecnologias e Informática Ltda.
Rua Camerino, 128 Grs. 302
Centro - Rio de Janeiro - RJ - CEP 20080-010
Tel.: 55 21 25181011 (PABX/FAX)
Mobile phone: 55 21 91978284

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://lartc.org/