On Wed, 16 Aug 2006 12:32:24 -0400, "Amadeus W. M."
<amadeus84@xxxxxxxxxxxxxx> opined:
> On Wed, 16 Aug 2006 12:07:18 -0400, David Cary Hart wrote:
>
>
> I don't care to defend portsentry, but I'll say that portsentry
> is highly configurable too. However you configure a dynamic
> firewall, I think you can still lock yourself out, if you try.
> I don't think the DoS scenario I outline above is portsentry
> specific. I'm not familiar with swatch though, so I may be wrong.
> After my portsentry days, I completely dropped any dynamic
> approach to security.
>
I am doing dynamic/adaptive firewalling but not through IPTables.
Swatch triggers a chrooted bash script that also removes the rule
with AT after three hours. The reaction from the swatch daemon is
nearly instantaneous.
I cannot see any way that this could be used to create a ddos.
--
Do NOT Send Email to <spam trap> Fedora@TQMcube,com
Our DNSRBL - Eliminate Spam at The Source: http://www.TQMcube.com
Don't Subsidize Criminals: http://boulderpledge.org
