On Sat, 12 Jan 2002 21:29:30 +1000 "Lavinius Romio Petru" <[EMAIL PROTECTED]> spewed into the bitstream:
> So far so good, but you can be using --sport too to only allow > connections from priveleged ports, and I olso played with something like > this > /sbin/iptables -I INPUT -i eth0 -p tcp --tcp-flags ACK ACK --dport 80 \ I'd drop the --tcp-flags ACK ACK > -m string --string 'cmd.exe' -j REJECT --reject-with tcp-reset Might be more fun to make the target -j MIRROR and send the request back where it came from. > and add it permanent for a few days as well as for root.exe, but it > looks good so far!!! I'll reserve judgement until I have time to go through it thoroughly (2003 perhaps?). Ciao, David A. Bandel -- Focus on the dream, not the competition. -- Nemesis Racing Team motto Internet (H323) phone: 206.28.187.30 _______________________________________________ Linux-users mailing list Archives, Digests, etc at http://linux.nf/mailman/listinfo/linux-users