[Gllug] [OT] Netgear DG834 and DOS attacks

Wiehe, Simon simon.wiehe at csfb.com
Wed Jul 20 11:06:27 UTC 2005


Chris Bell wrote
>    I decided to try to learn more about firewalling by going rather OTT. I
> have an old 486 IPCop box sandwiched between two other old boxes, both
> acting as invisible bridge + iptables firewall. Both bridges are running a
> basic Debian Sarge installation with added bridge-utils, and will drop (not
> reject) anything they do not wish to forward or accept, with a few port-scan
> rules, etc, from iptables examples. They are not visible from outside, so
> rather difficult to break. I have made provisions for very selective access
> to the outer box for admin only as it is otherwise firewalled out.

I have my network protected by my Linux box running ip tables as well 
as the firewall on the router. However, I tend to explicitly drop packets
for any ports where I have previously had DOS attacks, even though the router
defaults to deny. I was just wondering if I was able to reject any requests
from a particular domain.

I have configured the router to email logs info and I want to keep it as clean
as possible so I can spot things like this. If I could block this domain by
default it would reduce the noise.

Thanks

Simon

==============================================================================
Please access the attached hyperlink for an important electronic communications disclaimer: 

http://www.csfb.com/legal_terms/disclaimer_external_email.shtml

==============================================================================

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list