Security Basics mailing list archives
Re: iptables 2
From: link <link () twistedslinky org>
Date: Sun, 15 Feb 2004 23:43:34 -0500
On 12/02/04 01:35 +0800, Jorge Garcia wrote:
> I need some info or link on how a denial of service in iptables logs can happen, it's not for hacking stuff, it's only for learning iptables vulnerabilities. Any info on iptables vulnerabilities could help me. Thanks and bye

A sample iptables logging rule:

    /sbin/iptables -A udp_packets -m limit --limit 3/minute --limit-burst 3 -j LOG --log-level INFO --log-prefix "UDP packet died: "

The --limit 3/minute is used to prevent the logs from filling up, which could happen very quickly on a busy box. If that wasn't being used, any standard DoS flood that got blocked by the firewall would also fill up the /var partition from the iptables log incredibly fast.

-- 
I have often wondered if the majority of mankind ever pause to reflect upon the occasionally titanic significance of dreams, and of the obscure world to which they belong. -- H.P. Lovecraft
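
Added example, not part of the original post: a small Python model of the token bucket behind `--limit 3/minute --limit-burst 3`, comparing how many log lines a blocked flood produces with and without the limit. The 1000 packets/second flood, the function names and the assumption that the bucket starts full are constructed for illustration.

```python
# Token-bucket model of the iptables "limit" match, in integer milliseconds.
# Assumptions (not from the original post): the bucket starts full, and one
# bucket is shared by every packet that reaches the rule.

def logged_packets(arrivals_ms, per_minute=3, burst=3):
    """Count the packets the rate-limited LOG rule would match (and log)."""
    cost = 60_000 // per_minute   # ms of credit that one log line costs
    cap = cost * burst            # a full bucket pays for `burst` log lines
    credit, last, logged = cap, None, 0
    for t in arrivals_ms:
        if last is not None:
            # Refill with the time elapsed since the previous packet.
            credit = min(cap, credit + (t - last))
        last = t
        if credit >= cost:
            credit -= cost
            logged += 1
    return logged


def flood(pps, seconds):
    """Constructed arrival times (ms) for a steady flood of `pps` packets/s."""
    return range(0, seconds * 1000, 1000 // pps)


if __name__ == "__main__":
    arrivals = flood(pps=1000, seconds=60)
    print("log lines without --limit:", len(arrivals))
    print("log lines with 3/minute, burst 3:", logged_packets(arrivals))

    # Slow traffic (one packet every 30 s) is still logged in full,
    # because the bucket refills faster than it is drained.
    trickle = range(0, 300_000, 30_000)
    print("trickle packets:", len(trickle), "logged:", logged_packets(trickle))
```

With the limit in place, log growth is bounded by the rule's rate rather than by the sender's packet rate.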