As I heard all the customers of WatchGuard and NetScreen boxes use Linex/Netfilter. I think other members will be able to tell you about such products. Commercial products also often are based on Linux/FreeBSD their flavours.
A Xmas packet is a packet with all flags enabled. You can use iptables to filter them out / log them.
From iptables man page:
--tcp-flags [!] mask comp
Match when the TCP flags are as specified. The
first argument is the flags which we should exam�
ine, written as a comma-separated list, and the
second argument is a comma-separated list of flags
which must be set. Flags are: SYN ACK FIN RST URG
PSH ALL NONE. Hence the command
iptables -A FORWARD -p tcp --tcp-flags
SYN,ACK,FIN,RST SYN
will only match packets with the SYN flag set, and
the ACK, FIN and RST flags unset.
Best regards,
Gabor Horvath
[EMAIL PROTECTED]
| "Carlos Alberto Pelaez" <[EMAIL PROTECTED]>
Felad�: [EMAIL PROTECTED] 2001.10.11 18:21
|
C�mzett: <[EMAIL PROTECTED]> M�solat: T�rgy: Help |
Hello my friends,
I need to have a list of all companies and Universitys of the world that
uses iptables for a security solution of firewall.
Actually, my company search a comercial solution for the security, but my
wish is to use iptables. Please help me with this dear friends, and sorry by
my english.
What is XMAS packets ???
