Security Basics mailing list archives

Re: iptables 2


From: link <link () twistedslinky org>
Date: Sun, 15 Feb 2004 23:43:34 -0500

On 12/02/04 01:35 +0800, Jorge Garcia wrote:
> I need some info or a link on how a denial of service in iptables logs can happen. It's not for hacking stuff, it's
> only for learning iptables vulnerabilities.
> Any info on iptables vulnerabilities could help me.
> Thanks and bye

A sample iptables logging rule:

/sbin/iptables -A udp_packets -m limit --limit 3/minute --limit-burst 3 \
    -j LOG --log-level INFO --log-prefix "UDP packet died: "

The --limit 3/minute is used to prevent the logs from filling up, which 
could happen very quickly on a busy box.  If that wasn't being used, any 
standard DoS flood that got blocked by the firewall would also fill up 
the /var partition from the iptables log incredibly fast.


-- 
I have often wondered if the majority of mankind ever pause to reflect
upon the occasionally titanic significance of dreams, and of the obscure
world to which they belong.  -- H.P. Lovecraft
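The rule above relies on the behaviour of the `-m limit` match, which the post states but does not show: the match is a token bucket holding `--limit-burst` tokens, refilled continuously at the `--limit` rate, and a packet only reaches `-j LOG` while a token is left. The following is an added example (not code from the post or the thread) that models that bucket in integer microseconds and runs a constructed 60-second flood through it, once without the limit and once with `--limit 3/minute --limit-burst 3`. The 200-bytes-per-log-line figure used for the disk estimate is an assumption, not a measurement.

```python
"""Token-bucket model of the iptables `-m limit` match.

Added example for this post (not the poster's code). The limit match keeps a
bucket of `--limit-burst` tokens that refills continuously at the `--limit`
rate; a packet matches the rule (and so hits -j LOG) only while a token is
left. Times are integer microseconds. Log-line size is an assumption.
"""

US_PER_MINUTE = 60_000_000


def simulate_limit(packet_times_us, rate_per_minute, burst):
    """Return how many of the packets (sorted arrival times in microseconds)
    match `-m limit --limit <rate>/minute --limit-burst <burst>`."""
    cost = US_PER_MINUTE // rate_per_minute   # credit (us) one match consumes
    cap = cost * burst                        # full bucket == burst tokens
    credit = cap                              # bucket starts full
    last = packet_times_us[0] if packet_times_us else 0
    matched = 0
    for t in packet_times_us:
        credit = min(cap, credit + (t - last))  # refill by elapsed time, capped
        last = t
        if credit >= cost:
            credit -= cost
            matched += 1
    return matched


def flood(pps, seconds):
    """Constructed arrival times for a steady flood of `pps` packets/second."""
    spacing = 1_000_000 // pps
    return [i * spacing for i in range(pps * seconds)]


def log_lines(packet_times_us, rate_per_minute=None, burst=None):
    """Lines a -j LOG rule emits: every packet without -m limit,
    the token-bucket count with it."""
    if rate_per_minute is None:
        return len(packet_times_us)
    return simulate_limit(packet_times_us, rate_per_minute, burst)


def estimate_log_bytes(lines, bytes_per_line=200):
    """Rough disk cost; ~200 bytes per kernel LOG line is an assumption."""
    return lines * bytes_per_line


if __name__ == "__main__":
    pkts = flood(pps=10_000, seconds=60)
    unlimited = log_lines(pkts)
    limited = log_lines(pkts, rate_per_minute=3, burst=3)
    print(f"60 s flood at 10k pps: {unlimited} lines without limit "
          f"(~{estimate_log_bytes(unlimited) / 2**20:.0f} MiB), "
          f"{limited} lines with --limit 3/minute --limit-burst 3")
    slow = [i * 30_000_000 for i in range(10)]  # one packet every 30 s
    print("slow stream:", log_lines(slow, 3, 3), "of", len(slow), "logged")
```

Against the constructed flood the unlimited rule writes 600,000 lines (on the order of 100 MiB) in one minute, while the limited rule writes five: the three-token burst, then one token every 20 seconds. The slow stream shows the other side of the bucket: traffic arriving below the rate is logged in full. The caveat for a practitioner is that during a flood those five lines are all you get, so anything else hitting the same chain in that minute is invisible in the log; keep the per-rule packet counters (`iptables -nvL`) as the record of volume, and give any traffic you must always see its own LOG rule. Note also that the match's defaults, if you omit the options, are `--limit 3/hour` and `--limit-burst 5`.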
