dcsimg
Linux Today: Linux News On Internet Time.





More on LinuxToday


EgoBurp: Filter Rule TTL

Oct 06, 2004, 07:00 (0 Talkback[s])
(Other stories by Josh Gentry)

WEBINAR:
On-Demand

How to Help Your Business Become an AI Early Adopter


"I just thought of a feature that would be very useful when configuring filters, whether it be Cisco ACL's or Linux iptables or whatever. It would be helpful to be able to give a rule a time to live value. Probably defined in seconds. Here's why I say this. As a system administrator at an ISP, we see attacks on our customers and ourselves constantly. Just a little bit ago I got a complaint from one customer who had logged someone trying to make an ssh connection. I don't see any more traffic from the offending IP right now. My suspicion is that it was a probe for a vulnerability, probably automated. What am I going to do about it? Nothing. Filling the Cisco or firewall with rules blocking individual IP's creates an administrative nightmare..."

Complete Story

Related Stories: