>> >> > However, labrea may be great software ... but it is certainly not >> > the software one wants to compete with a live machine for incoming >> > connections. >> >> The way I run it, the IP addresses being tarpitted are IP addresses >> that would be rejected anyway by zen et. al. DNSBL checks - they are >> repeat offenders that have already been firewalled out (thus the MTA >> never sees the traffic) and adding LaBrea simply adds a >> trap-the-attacker response to the SYN packet rather than just >> discarding the traffic. >>
Hi John, maybe I misread the laBrea docs that talk about capturing unused ip.... Could you show me configuration you use for labrea Wolfgang Hamann
