On 12/11/05, Debian Bug Tracking System <[EMAIL PROTECTED]> wrote:
> This is an automatic notification regarding your Bug report
> #343041: [rejected] iptables TARPIT target not supported,
> which was filed against the iptables package.
>
> It has been closed by one of the developers, namely
> "Laurence J. Lane" <[EMAIL PROTECTED]>.
>
> Their explanation is attached below. If this explanation is
> unsatisfactory and you have not received a better one in a separate
> message then please contact the developer, by replying to this email.
>
> Debian bug tracking system administrator
> (administrator, Debian Bugs database)
>
> Received: (at 343041-done) by bugs.debian.org; 12 Dec 2005 02:32:07 +0000
> From [EMAIL PROTECTED] Sun Dec 11 18:32:07 2005
> Return-path: <[EMAIL PROTECTED]>
> Received: from master.debian.org ([146.82.138.7])
> by spohr.debian.org with esmtp (Exim 4.50)
> id 1EldTz-0001BR-75; Sun, 11 Dec 2005 18:32:07 -0800
> Received: from ljlane by master.debian.org with local (Exim 4.50)
> id 1EldTy-0004vU-86; Sun, 11 Dec 2005 20:32:06 -0600
> Date: Sun, 11 Dec 2005 20:32:06 -0600
> From: "Laurence J. Lane" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: iptables TARPIT target not supported
> Message-ID: <[EMAIL PROTECTED]>
> Mime-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> X-Linux-Distro: Debian GNU/Linux http://www.debian.org
> User-Agent: Mutt/1.5.9i
> Sender: Laurence Lane <[EMAIL PROTECTED]>
> X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
> (1.212-2003-09-23-exp) on spohr.debian.org
> X-Spam-Level:
> X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00,OUR_MTA_MSGID,
> VALID_BTS_CONTROL autolearn=no version=2.60-bugs.debian.org_2005_01_02
> X-CrossAssassin-Score: 2
>
> retitle 343041 [rejected] iptables TARPIT target not supported
> thanks control
>
>
> Dear User,
>
> You are quite correct that TARPIT is not supported on your
> system. Unfortunately, it's because your kernel does not
> support TARPIT.
>
> There are notes on that in the README.Debian in:
>
> /usr/share/doc/iptables/
FYI:
no notes at all on tarpit or TARPIT in /usr/share/doc/iptables/ in any file.
>
> And TARPIT in particular is a not nice piece of netfilter
> code that will likely never be included in the stock kernel.
Well, the 0wned Romanian servers that spend countless hours and
thousands of connections per night on SSH dictionary attacks against
my systems are not nice either, and I'd like to lower the load on my
servers. This would help a lot. Not nice people don't deserve nice
treatment. I'd send you my logs from the constant attacks, but it
would take days on my 2Mb Frame Relay to transfer them.
Will handle it myself. Just would have liked to keep a stock kernel running.
Thanx,
David A. Bandel
--
Focus on the dream, not the competition.
- Nemesis Air Racing Team motto
