crazy hackers and logwatch

Dan Hollis goemon at anime.net
Wed Aug 10 01:00:29 UTC 2005


On Tue, 9 Aug 2005, Ted Kaczmarek wrote:
> What is really going to be funny, is when someone ends up with a few
> hundred thousands lines of firewall config and restart's their firewall
> or reloads their box. I don't see where most people would benefit from a
> slew of 32 bit length firewall rules. Now if it where smart enough to
> block the entire ip block, preferably top registration that would be
> much more useful. 

that's why pam_abl is so nice. not only does it deceive the attackers, 
it's also near zero-cost. no huge in-kernel firewall rules. simple. easy. 
painless.

-Dan




More information about the test mailing list