Hello,
I've been successfully using the max-src-conn and max-src-conn-rate
with an overload into a table that I block for our external firewall
that protects a few dozen (mostly Sun) web servers. As it stands it
works great for blocking ssh, ftp, smtp and several other protocols
when there are
On Feb 1, 2008, at 1:30 AM, Peter N. M. Hansteen wrote:
Darrin Chandler <[EMAIL PROTECTED]> writes:
Depending on the traffic patterns of legit vs. attack the
following idea
might work... use max-src-* with values that may create false
positives
and overload into table which will still PASS. N
2 matches
Mail list logo
