Automatically add attacks to deny list?
Colin Dick
cdick at mail.ocis.net
Mon Oct 3 15:27:01 PDT 2005
Hi all,
There is a program called tcpsentry... doesn't it have the
ability to do this?
--
Colin
On Mon, 3 Oct 2005, Nicolas Blais wrote:
> Hi,
>
> Whenever someone tries a portscan or http server vulnerability scan on my
> system, I have to manually add their ip in my /etc/ipfw.conf file such as:
> add 100 deny all from xx.xxx.xxx.xxx to any
>
> Is there a way, without enabling blackhole, to dynamically add ips to my
> blacklist after a certain packet/sec limit or some other way?
>
> Thanks,
> Nicolas.
>
More information about the freebsd-ipfw
mailing list