Tom, start by hardening the server (I know this isn't pf specific but, it needs to done)
Link for hardening FreeBSD - http://www.bsdguides.org/guides/freebsd/security/harden.php. Enable the "configure FreeBSD to drop SYN/FIN packets:" and monitor the results. Drop known garbage using Pf eg: block drop in quick from <garbage> to any Ports to look into - lockdown and mod_security. I use the denyhost database to drop any connections from the list for a 24 hr period. Regards _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
