can pf block a string ? or better, to limit it ?

claudiu vasadi claudiu.vasadi at gmail.com
Wed Jun 23 19:30:44 UTC 2010


On Wed, Jun 23, 2010 at 9:18 PM, no name <britneyfreek at googlemail.com> wrote:

> i can't recall it, was dc tcp or udp based?
>


"dc" ????


The number of possible connections in a specific time frame does not help
if I have ~200-500 authentication requests/sec and I get 100-300 attacks
(D/DOS) per sec. I thought about that one long ago, and no matter on which
side I turn the problem, I always end up at the "impossible to filter
strings" wall.

I know iptables can do it but a couple of months ago when I was asked to
conf. a Linux box I went completely mad trying to learn iptables's syntax
(god it's ugly). This is why I would prefer to avoid Linux here. Plus, I'm
dealing with pf way longer than iptables and Linux for that matter (it was
~6 years ago when I worked with Linux last time).


More information about the freebsd-pf mailing list