Honeypots mailing list archives
Re: Honeypots
From: "Michael" <michael () insulin-pumpers org>
Date: Mon, 19 Jan 2004 17:33:03 -0800
SpamCannibal blocks spam at the origination server and can be configured to block DoS attacks. SpamCannibal uses a continually updated database containing the IP addresses of spam or DoS servers and blocks their ability to connect using a TCP/IP tarpit, ideally bringing the spam server to a virtual halt for a long time or perhaps indefinitely. This effectively eliminates the network traffic to your site because the spam never leaves the origination server. Widely deployed, SpamCannibal can help eliminate spam from the internet. The operative piece of this gadget is IPTables::IPv4::DBTarpit a module based on Linux IPTABLES that uses the BerkeleyDB database to store IP addresses and other selected information about spammers. Full documentation for SpamCannibal and all the modules is on the SpamCannibal home page and everything is downloadable from CPAN. Prerequisites on the DOWNLOAD page of http://www.spamcannibal.org docs are on the Documentation page. Mail::SpamCannibal CPAN IPTables::IPv4::DBTarpit CPAN I'd be happy to answer any questions. Have two systems that have been running since Aug '03. Also running Tom Liston's labea + LaBrea::Tarpit reporting modules at scans.bizsystems.net and probes.bizsystems.net Michael Michael () Insulin-Pumpers org
Current thread:
- Re: Honeypots Michael (Jan 19)
- <Possible follow-ups>
- Re: Honeypots Michael (Jan 20)
- Re: Honeypots Michael (Jan 20)