* [LARTC] PSD
@ 2002-03-01 20:16 Roberto Campos
2002-03-02 13:17 ` bert hubert
0 siblings, 1 reply; 2+ messages in thread
From: Roberto Campos @ 2002-03-01 20:16 UTC (permalink / raw)
To: lartc
Hi,
I've been listennig the list for the last 3 months and
i'm using iptables, ip, tc, etc... and learning to love it.
Now i've read about an experimental netfilter "psd" that needs
a patch and that can detect inbound port scans with rules like:
iptables -t nat -A PREROUTING -i eth0 -d x.x.x.x -m psd -j DROP
Than i see "iplimit" (-m iplimit) also experimental and the best
one is that patch that allows us to filter based in the content
of the packet (-m string).
Questions:
Are these still experimental?
If so, are they supposed to go into real kernel soon?
And last but not least:
How can i implement all these rules?
Is there a patch for all of then or i have to patch
each one of them?
I'm starting from a RH 7.2 vanilla kernel, are there any places
where i can find cook recipes on how to implement them?
Which machine (processor/memory) holds all of then working for
a 2 Mgs internet connection?
Thanks in advance for your time.
Roberto Campos
____________________________________________
Meu Provedor Tecnologias e Informática Ltda.
Rua Camerino, 128 Grs. 302
Centro - Rio de Janeiro - RJ - CEP 20080-010
Tel.: 55 21 25181011 (PABX/FAX)
Telefone Móvel - Celular: 55 21 91978284
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [LARTC] PSD
2002-03-01 20:16 [LARTC] PSD Roberto Campos
@ 2002-03-02 13:17 ` bert hubert
0 siblings, 0 replies; 2+ messages in thread
From: bert hubert @ 2002-03-02 13:17 UTC (permalink / raw)
To: lartc
On Fri, Mar 01, 2002 at 05:16:36PM -0300, Roberto Campos wrote:
> Hi,
>
> I've been listennig the list for the last 3 months and
> i'm using iptables, ip, tc, etc... and learning to love it.
>
> Now i've read about an experimental netfilter "psd" that needs
> a patch and that can detect inbound port scans with rules like:
>
> iptables -t nat -A PREROUTING -i eth0 -d x.x.x.x -m psd -j DROP
>
> Than i see "iplimit" (-m iplimit) also experimental and the best
> one is that patch that allows us to filter based in the content
> of the packet (-m string).
The iptables people a very good list, see about it on
http://www.netfilter.org/
I would gladly help you, but I just don't know - the people there do.
Regards,
bert
--
http://www.PowerDNS.com Versatile DNS Software & Services
http://www.tk the dot in .tk
http://lartc.org Linux Advanced Routing & Traffic Control HOWTO
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2002-03-02 13:17 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-03-01 20:16 [LARTC] PSD Roberto Campos
2002-03-02 13:17 ` bert hubert
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.