[Dshield] Strange Scan
bpennell at coxhealthplans.com
Thu Dec 29 13:53:37 GMT 2005
It's configured as a transparent bridge. It can pretty much be plugged
in anywhere and is easy to replace if it fails. GeoIP allows me to
monitor all foreign sessions, and block countries like China and Korea.
GeoIP also allows me to create my own country codes to block things like
Anonymous Proxy servers.
The recent match allows the FW to remember past intruders, which I
completely block for a specific amount of time. Once they're on one of
my lists, they can't even hit our web servers.
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org]On Behalf Of Jon R. Kibler
Sent: Wednesday, December 28, 2005 2:09 PM
To: General DShield Discussion List
Subject: Re: [Dshield] Strange Scan
BTW, how is the your system configured? I am not quite sure I understand
"IN=br0 OUT=br0 PHYSIN=eth1 PHYSOUT=eth0" showing as one device one
place and two devices elsewhere (have to admit I am not a netfilter
Jon R. Kibler
Chief Technical Officer
Charleston, SC USA
Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.
More information about the list