As far as i know for application level attacks like this you need something like snort to detect them. I believe this is supported as a package. I havent used it under pfsense though. http://doc.pfsense.org/index.php/Setup_Snort_Package seems to indicate it will block hosts based on snort rules.
I'd imagine that using snort on your pfsense box will add a certain cpu/memory overhead though. Vince On 06/12/2011 23:26, Chuck Mariotti wrote: > > I have some clients that has been hit twice with the recent SQL > injections that seem to be ramping up. > > See: > > http://www.scmagazineus.com/new-mass-sql-injection-attack-could-be-forming/article/218069/ > > http://news.hitb.org/content/new-mass-sql-injection-attack-could-be-forming > > > > > > At our datacenter managed to not get hit. However, I guess I would > like to ask for suggestions on how to stop this type of attack at the > pfSense firewall and what/how to implement something that would allow > us to manage such attacks. > > > > > > Regards, > > > > Chuck M > > > > > > > > _______________________________________________ > List mailing list > List@lists.pfsense.org > http://lists.pfsense.org/mailman/listinfo/list
_______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list