denyhosts-like app for MySQLd?
Ian Smith
smithi at nimnet.asn.au
Mon Jan 21 03:55:21 PST 2008
On Mon, 21 Jan 2008, Jordi Espasa Clofent wrote:
> > There is a functionality in pf, that allows you to have an application to
> > update a list of hosts, that is used in a rule. You could have a script
> > harvest the addresses from your log files, and then update the table in pf. I
> > have not tried it myself, but was looking at adopting an implementation to
> > create a tarpit for spammers based on this idea.
>
> Yes Tim, I know it. The "problem" is the servers are builded in IPFW as
> firewall solution.
> I've tried the "limit" IPFW's option... but isn't exactly what I'm
> looking for.
No problem; IPFW has tables too, and sets, with which you could
enable/disable or swap your script-constructed tables atomically.
Might be easier to allow good hosts rather than exclude baddies?
cheers, Ian
More information about the freebsd-security
mailing list