On Mon, Nov 15, 1999 at 02:54:29PM +0100, Michael Enk wrote:
> I was wondering if any proactive measures exist against attacks on a
> firewall. What could I do if I knew my firewall was attacked from a
> particular site ?
There is not much you can do. You can hope your firewall is generating a
nice report which you can send out to the abuse address of the attackers
network.
If your firewall does something like dynamically blocking the site you open
up the door for Deny of Service Attacks.
So, if your firewall alerts you and gives you a good summary I think thats
enough. You can then read more carefully the logs of the inside systems or
watch open connection more closely.
Setting up a honeypot trap may keep intruders away from your firewall...
Greetings
Bernd
--
(OO) -- [EMAIL PROTECTED] --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
