Firewall Wizards mailing list archives
Re: Intrusion Prevention Firewall
From: Mikael Olsson <mikael.olsson () clavister com>
Date: Fri, 12 Apr 2002 22:19:03 +0200
"Berny Stapleton (Sydney Technology)" wrote:
I think some attack signatures should be trusted, blatently obvious ones like TCP/UDP scans from the same host. I think a half hour ban on this type of traffic
Good idea. Block IPs that do TCP and UDP scans. [1] Let's see now... I foresee a cloudy day with heavy UDP showers from 198.41.0.4 interspersed with light TCP rain drifting in from 128.9.0.107 and 192.33.4.12. There is also a slight risk of bad weather in the general vicinity of 203.7.199.11. -- Mikael Olsson, Clavister AB Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 Fax: +46 (0)660 122 50 WWW: http://www.clavister.com "And thus we retract the foreskin of ignorance and apply the wire brush of enlightenment" -- Geoff Miller. [1] I'm not trying to make you feel bad for saying this before thinking it through all the way; believe me. There are however quite a few commercial boxes that actually do this. One would think that they'd know better. &%#&%¤#%# _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Intrusion Prevention Firewall Crispin Cowan (Mar 31)
- <Possible follow-ups>
- RE: Intrusion Prevention Firewall dont (Apr 02)
- Re: Intrusion Prevention Firewall Crispin Cowan (Apr 03)
- Re: Intrusion Prevention Firewall Gary Flynn (Apr 03)
- RE: Intrusion Prevention Firewall Berny Stapleton (Sydney Technology) (Apr 12)
- RE: Intrusion Prevention Firewall R. DuFresne (Apr 16)
- Re: Intrusion Prevention Firewall Mikael Olsson (Apr 16)
- RE: Intrusion Prevention Firewall Dave Piscitello (Apr 16)
- RE: Intrusion Prevention Firewall R. DuFresne (Apr 17)
- RE: Intrusion Prevention Firewall Dave Piscitello (Apr 17)
- RE: Intrusion Prevention Firewall R. DuFresne (Apr 18)
- Re: Intrusion Prevention Firewall Crispin Cowan (Apr 03)
- RE: Intrusion Prevention Firewall Mike Shaw (Apr 17)
- Re: Intrusion Prevention Firewall Crispin Cowan (Apr 05)
- Re: Intrusion Prevention Firewall Gary Flynn (Apr 06)