TARPIT for pf/ipfw
Dimitar Vasilev
dimitar.vassilev at gmail.com
Fri Jan 16 02:54:00 PST 2009
see spamd for mail and you may use the don't peer list of sbl .
2009/1/16 Vlad GALU <dudu at dudu.ro>
> This particular iptables module keeps the incoming connection up and
> running, but it sends ACKs advertising a window size of 0 bytes, so
> that the remote end can't send any data until the local process has
> decided it's ok to do so. Basically it's used to slow down spammers
> and worms.
>
> On Fri, Jan 16, 2009 at 11:31 AM, Ivo Vachkov <ivo.vachkov at gmail.com>
> wrote:
> > what does TARPIT do ?
> >
> > On Fri, Jan 16, 2009 at 11:20 AM, Alexey Ivanov <need4spam at bk.ru> wrote:
> >> Is there any command identical to:
> >> iptables -A INPUT -p tcp -m tcp -dport 80 -j TARPIT
> >>
> >> If no, does anyone ever tried to implement this feature?
> >>
> >> _______________________________________________
> >> freebsd-net at freebsd.org mailing list
> >> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> >> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
> >>
> >
> >
> >
> > --
> > "UNIX is basically a simple operating system, but you have to be a
> > genius to understand the simplicity." Dennis Ritchie
> > _______________________________________________
> > freebsd-net at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-net
> > To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
> >
>
>
>
> --
> ~/.signature: no such file or directory
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>
More information about the freebsd-net
mailing list