What is this Very Stupid DOS Attack Script?
Jon Adams
jonaadam at nsu.nova.edu
Thu Apr 7 17:28:46 PDT 2005
Marian Hettwer wrote:
>On Mi, 6.04.2005, 17:57, Willem Jan Withagen sagte:
>
>
>>I've build some swatch-rules that after two of these hits, I dump
>>the host into ifpw-deny space.
>>
>>
>>
>Aye. I thought about writing a script, doing the same like yours, too.
>Could you post this script somewhere, so that I could add some
>functionality or just use it ?
>
>
>
This is similar to what I do... except
I just run a cronjob every so often... daily.. weekly.. what have you..
that will restart ipfw... probably there is a cleaner solution, but it
does the job for me.... as far as cleaning out the dozens of IPs that
get blocked for connecting to ports they shouldnt on my boxes
More information about the freebsd-security
mailing list