Re: block CodeRed/Nimda at the firewall?
From: Kasper Dupont (kasperd_at_daimi.au.dk)
Date: 05/11/03
- Next message: Kasper Dupont: "Re: block CodeRed/Nimda at the firewall?"
- Previous message: Kasper Dupont: "Re: secure passwords"
- In reply to: nobodaddy: "Re: block CodeRed/Nimda at the firewall?"
- Next in thread: nobodaddy: "Re: block CodeRed/Nimda at the firewall?"
- Reply: nobodaddy: "Re: block CodeRed/Nimda at the firewall?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 11 May 2003 09:36:20 +0200
nobodaddy wrote:
>
> I think in this scenario (massive portscan by some dickhead with a herd of
> 100 or so boxen), REJECT won't do any good; DROP's the way to go.
I'd use a ratelimit to take care of that. The first few get a response
and afterwards only one every second or so gets a response.
-- Kasper Dupont -- der bruger for meget tid på usenet. For sending spam use mailto:aaarep@daimi.au.dk for(_=52;_;(_%5)||(_/=5),(_%5)&&(_-=2))putchar(_);
- Next message: Kasper Dupont: "Re: block CodeRed/Nimda at the firewall?"
- Previous message: Kasper Dupont: "Re: secure passwords"
- In reply to: nobodaddy: "Re: block CodeRed/Nimda at the firewall?"
- Next in thread: nobodaddy: "Re: block CodeRed/Nimda at the firewall?"
- Reply: nobodaddy: "Re: block CodeRed/Nimda at the firewall?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Loading
