RE: can pf block a string ? or better, to limit it ?

2010-06-23 Thread John Lists Tate
This or writing a squid redirector are probably the best way to go about it. You can just redirect everything through a program with pf in any case and give that program the real work.

John Tate.

-Original Message-
From: owner-freebsd...@freebsd.org [mailto:owner-freebsd...@freebsd.org] O

Re: can pf block a string ? or better, to limit it ?

2010-06-23 Thread Vlad Galu
http://www.inmon.com/support/sentinel_release.php

On Wed, Jun 23, 2010 at 8:30 PM, claudiu vasadi wrote:
> Hello fellas,
>
> system: freebsd 8.0 with pf
>
> A couple of years ago I wanted to limit a string with pf and I could not find a way to do it.
>
> Back in the day, I was running a dc+

Re: can pf block a string ? or better, to limit it ?

2010-06-23 Thread Michael Proto
On Wed, Jun 23, 2010 at 4:15 PM, Peter Maxwell wrote:
> Hmmm, off the top of my head: I wonder if you could use Snort and have that do full packet inspection for you. Then you should be able to script an alert if the string is found and call pfctl to add the offending IP address to a table

Re: can pf block a string ? or better, to limit it ?

2010-06-23 Thread Peter Maxwell
Hmmm, off the top of my head: I wonder if you could use Snort and have that do full packet inspection for you. Then you should be able to script an alert if the string is found and call pfctl to add the offending IP address to a table that blackholes it. Just a thought. Or if you want to do it "

Re: can pf block a string ? or better, to limit it ?

2010-06-23 Thread claudiu vasadi
On Wed, Jun 23, 2010 at 9:18 PM, no name wrote:
> i can't recall it, was dc tcp or udp based?
> "dc"

The number of possible connections in a specific time frame does not help if I have ~200-500 authentication requests/sec and I get 100-300 attacks (D/DOS) per sec. I thought about that o

Re: can pf block a string ? or better, to limit it ?

2010-06-23 Thread no name
i can't recall it, was dc tcp or udp based? however, you could try to limit the number of possible connections in a specific time frame. using linux, you could even use the l7 ipfilter extension to inspect a packet's payload and do some limiting based on that. ... just some thoughts. --- “Your ti

can pf block a string ? or better, to limit it ?

2010-06-23 Thread claudiu vasadi
Hello fellas,

system: freebsd 8.0 with pf

A couple of years ago I wanted to limit a string with pf and I could not find a way to do it.

Back in the day, I was running a dc++ software on FreeBSD and the most common way of flood was this "string attack". The idea was simple: more than "x" number