Re: Logging unserved ports

frankb (root@ipf.de)
Tue, 8 Dec 1998 23:29:53 +0100 (MET)


David,

you just have to log those packets with ipchains option -l (in 2.1.x)
or ipfwadm option -o (in 2.0.x) as the last rule, denying those
packets.

You don't need to modify the kernel -- it's in it.

Frank Bernard
frankb@ipf.de
(don't reply to root@ipf.de opposed to the header - bug -- too lazy to fix)

On Tue, 8 Dec 1998, David F. Newman wrote:

> Hi,
> The TIS Gauntlet firewall modifies the BSDi kernel
> so that when packets are received on unserved ports the
> kernel logs a security alert via syslog. That way you
> don't have to be actively scanning the network for port
> scans and can just scan your syslog instead. I looked
> through the Linux security HOWTO and couldn't find any
> mention of this. Is this possible with the Linux kernel?
>
> ---------------------------+
> David F. Newman |
> buzzwang@ourvillage.com |
>
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.rutgers.edu
> Please read the FAQ at http://www.tux.org/lkml/
>
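With a final logging deny rule as described in the reply (ipchains `-l`), port-scan detection becomes a matter of reading syslog. The following is an added example, not part of the original mail: it assumes the 2.2-era ipchains "Packet log:" line layout, uses constructed sample lines with documentation addresses, and the `min_ports` threshold is a hypothetical value.

```python
import re
from collections import defaultdict

# Assumed layout of an ipchains "-l" kernel log line:
# chain, action, interface, PROTO=n, src:port, dst:port, then header fields.
PACKET_LOG = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<action>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+)"
)

# Constructed sample syslog lines (not real traffic).
SAMPLE = """\
Dec  8 23:30:01 fw kernel: Packet log: input DENY eth0 PROTO=6 192.0.2.10:4001 198.51.100.5:21 L=44 S=0x00 I=101 F=0x0000 T=64
Dec  8 23:30:01 fw kernel: Packet log: input DENY eth0 PROTO=6 192.0.2.10:4002 198.51.100.5:23 L=44 S=0x00 I=102 F=0x0000 T=64
Dec  8 23:30:02 fw kernel: Packet log: input DENY eth0 PROTO=6 192.0.2.10:4003 198.51.100.5:25 L=44 S=0x00 I=103 F=0x0000 T=64
Dec  8 23:30:02 fw kernel: Packet log: input DENY eth0 PROTO=6 192.0.2.10:4004 198.51.100.5:110 L=44 S=0x00 I=104 F=0x0000 T=64
Dec  8 23:30:03 fw kernel: Packet log: input DENY eth0 PROTO=6 192.0.2.10:4005 198.51.100.5:23 L=44 S=0x00 I=105 F=0x0000 T=64
Dec  8 23:31:10 fw kernel: Packet log: input DENY eth0 PROTO=17 192.0.2.77:137 198.51.100.255:137 L=78 S=0x00 I=900 F=0x0000 T=128
Dec  8 23:31:12 fw kernel: Packet log: input DENY eth0 PROTO=17 192.0.2.77:137 198.51.100.255:137 L=78 S=0x00 I=901 F=0x0000 T=128
Dec  8 23:32:00 fw kernel: Packet log: input ACCEPT eth0 PROTO=6 192.0.2.200:5000 198.51.100.5:80 L=44 S=0x00 I=300 F=0x0000 T=64
Dec  8 23:32:05 fw named[212]: reloading nameserver
"""


def denied_ports_by_source(lines):
    """Map source IP -> set of (protocol, destination port) it was denied on."""
    seen = defaultdict(set)
    for line in lines:
        m = PACKET_LOG.search(line)
        # Skip unrelated syslog lines and logged packets that were not blocked.
        if not m or m["action"] not in ("DENY", "REJECT"):
            continue
        seen[m["src"]].add((int(m["proto"]), int(m["dport"])))
    return dict(seen)


def likely_scanners(lines, min_ports=4):
    """Sources denied on at least min_ports distinct ports (hypothetical threshold)."""
    hits = denied_ports_by_source(lines)
    return sorted(src for src, ports in hits.items() if len(ports) >= min_ports)


if __name__ == "__main__":
    for src in likely_scanners(SAMPLE.splitlines()):
        print("possible port scan from", src)
```

Repeated hits on one port, such as the NetBIOS broadcasts in the sample, count once, so background noise does not trip the threshold.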
