One of the sites that I maintain is moving to a different firewall. WatchGuard Firebox X1000. None of the full time admins can work with vi for system changes.
This is a feature on the firewall. If attempts are made on ports that are closed, all ports will be blocked for about 20 minutes. Don't know if the feature mentioned above is good or bad.

On 8/4/05, Giovanni P. Tirloni <[EMAIL PROTECTED]> wrote:
>
> BB wrote:
> > If a host is sending packets on ports that aren't even open can it
> > temporarily close all connections to this host.
>
> I don't think this is a task pf itself should do but you can implement
> something to monitor connection attempts on closed ports and then
> inspect the pf's state table (pfctl -s state) and remove it (pfctl -k).
>
> Do you want something like PortSentry ? Someone could spoof those
> attempts and create a DoS on something you don't want to block.
>
> --
> Giovanni P. Tirloni
>
>
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
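
The monitoring approach suggested in the quoted reply, sketched as an added example that is not part of the original thread: it counts distinct blocked destination ports per source and skips a never-block list, so spoofed probes cannot lock out hosts you depend on. Assumptions: the input is IPv4 `tcpdump -n -e -ttt -i pflog0` output from a logging block rule, the log lines and addresses are constructed, and the table name `scanners` is hypothetical and needs a matching `block in quick from <scanners>` rule.

```python
import ipaddress
import re
from collections import defaultdict

# Assumed line shape: tcpdump output from pflog0 for IPv4 TCP/UDP packets.
BLOCK_RE = re.compile(
    r"block in on \S+: (\d+\.\d+\.\d+\.\d+)\.\d+ > \d+\.\d+\.\d+\.\d+\.(\d+):"
)

def find_scanners(lines, threshold=3, never_block=()):
    """Return sources that probed >= threshold distinct blocked ports."""
    protected = [ipaddress.ip_network(n) for n in never_block]
    ports = defaultdict(set)
    for line in lines:
        m = BLOCK_RE.search(line)
        if not m:
            continue  # not a blocked inbound packet
        src = ipaddress.ip_address(m.group(1))
        # Source addresses can be spoofed: never act on protected hosts.
        if any(src in net for net in protected):
            continue
        ports[str(src)].add(int(m.group(2)))
    return sorted(ip for ip, seen in ports.items() if len(seen) >= threshold)

def pfctl_commands(offenders, table="scanners"):
    """Build (not run) the commands: add to the table, then kill states."""
    cmds = []
    for ip in offenders:
        cmds.append(f"pfctl -t {table} -T add {ip}")
        cmds.append(f"pfctl -k {ip}")
    return cmds

# Constructed sample log lines (documentation address ranges).
_PFX = "00:00:01.000000 rule 4/0(match): block in on em0: "
_SFX = ": Flags [S], seq 1, win 1024, length 0"
SAMPLE_LOG = [
    _PFX + "203.0.113.7.40112 > 192.0.2.10.23" + _SFX,
    _PFX + "203.0.113.7.40113 > 192.0.2.10.135" + _SFX,
    _PFX + "203.0.113.7.40114 > 192.0.2.10.445" + _SFX,
    _PFX + "198.51.100.9.51000 > 192.0.2.10.23" + _SFX,   # one port only
    _PFX + "198.51.100.9.51001 > 192.0.2.10.23" + _SFX,
    _PFX + "192.0.2.1.1025 > 192.0.2.10.21" + _SFX,       # "gateway", spoofable
    _PFX + "192.0.2.1.1026 > 192.0.2.10.22" + _SFX,
    _PFX + "192.0.2.1.1027 > 192.0.2.10.25" + _SFX,
]

if __name__ == "__main__":
    hits = find_scanners(SAMPLE_LOG, never_block=["192.0.2.1/32"])
    print("\n".join(pfctl_commands(hits)))
```
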