[ previous ] [ next ] [ threads ]
 
 From:  Richard Adams <podilarius at yahoo dot com>
 To:  m0n0wall-dev <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall-dev] 1.3 OS attributes/feature list - no comments?
 Date:  Thu, 20 Oct 2005 08:25:15 -0700 (PDT)
I think that you should also add some basic intrusion detection and limiting. Alot can be said for
limiting the number of states/sessions a particular IP can have open. This should be both source and
destination based. The ability to detect and start dropping packets during an attack can be
critical. Such attacks as DOS, teardrop, ping of death, winnuke, syn flood, igmp flood, ip spoofing,
port scanning, ip sweeping, and others. Adding email notification would be nice.

 


		
---------------------------------
 Yahoo! Music Unlimited - Access over 1 million songs. Try it free.