Hi,
> -----Original Message----- > From: Daniel F. Chief Security Engineer - > [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, February 26, 2002 12:00 AM > To: Netfilter - Mail list > Subject: concerning PSD > > > Just getting some clarification. > > psd weight-threshold: 21 delay-threshold: 300 lo-ports-weight: 3 > hi-ports-weight: 1 > > Making sure I understand this. > > if 7 low ports were scanned in 3 seconds it would set off the > PSD rule right. > so 21 hi ports would have to be scanned. in 3 seconds as well. Not exact. 7 low ports or 21 high ports or mixed (lo-ports-weight * n_lo_ports + hi-ports-weight * n_hi_ports >= 21) With maximal 3 sec between different destination ports > > TIA > -- > Chief Security Engineer | Daniel Fairchild [EMAIL PROTECTED] > Unix is like a wigwam -- no Gates, no Windows, and an Apache inside. > > > > Greetings -- Dennis Koslowski <[EMAIL PROTECTED]> | Product Development Astaro AG | http://www.astaro.com | +49-721-490069-0 | Fax -55 Welcome at CeBit 2002 in hall 16, stand B33.
