[Firewall] protect to many connections form same ip

Michel van Dop mvandop at xs4all.nl
Fri Nov 2 12:03:23 CET 2012



I use the firewall script many times on my apache webservers
and streaming servers. 

The last version of the script works great on
CentOS 6.3 64bit, On CentOS 5 i must use the older version 1.9.2n for
low Kernel version.

It works very good, for many years! Thanks

Only sometimes 1 user (IPv4) connect 100 times to same services
how can we protect that?

I try to use: ids plugin and set in the
firewall.conf REDUCE_DOS_ABILITY on 1, and DRDOS_PROTECT=1 

But this
has no effect.

Can i use the ssh-brute-force-protection plgin and set
it on the stream port (80 tcp)? 

Or someone has another idea?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rocky.eld.leidenuniv.nl/pipermail/firewall/attachments/20121102/c7c8f7c1/attachment.html>

More information about the Firewall mailing list