On Wed, Apr 09, 2014 at 09:24:25PM +0200, Reindl Harald wrote:
iptables logging needs to be rate-limit always because how it works
otherwise you have a problem the first time it really happens seriously
Using limits is sensible, yes. But
-m limit --limit 1/m
this might be a bit too restrictive to gather data on attempts at
heartbleeding. And --hashlimit might be more appropriate too as it keeps a
counter per IP address.
--jc
--
A great many of today's security technologies are "secure" only because
no-one has ever bothered attacking them. -- Peter Gutmann
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
