Automatically add attacks to deny list?
Nicolas Blais
nb_root at videotron.ca
Mon Oct 3 15:16:28 PDT 2005
Hi,
Whenever someone tries a portscan or http server vulnerability scan on my
system, I have to manually add their ip in my /etc/ipfw.conf file such as:
add 100 deny all from xx.xxx.xxx.xxx to any
Is there a way, without enabling blackhole, to dynamically add ips to my
blacklist after a certain packet/sec limit or some other way?
Thanks,
Nicolas.
--
FreeBSD 7.0-CURRENT #0: Sat Oct 1 11:51:38 EDT 2005
root at clk01a:/usr/obj/usr/src/sys/CLK01A
PGP? : http://www.clkroot.net/security/nb_root.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-ipfw/attachments/20051003/68fe4f84/attachment.bin
More information about the freebsd-ipfw
mailing list