 From:  "Chad R. Larson" <clarson at eldocomp dot com>
 To:  Jan Koetze <jan at koetze dot net>, "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] m0n0wall feature request
 Date:  Tue, 27 Jan 2004 15:57:54 -0700
At 03:54 AM 1/23/2004, Jan Koetze wrote:
>option to stop portscans the way portsentry does or at least drop the 
>request for a few minutes when a portscan occurs. With the current release 
>people can scan forever.

I believe we had this discussion a while back.  Most "best practices" would 
have an intrusion detection system (IDS) on a separate machine from your 
firewall.  The firewall should be as simple as possible and be as reliable 
as an anvil.

The more features, the more potential exploits...

Chad R. Larson (CRL22)    chad at eldocomp dot com
   Eldorado Computing, Inc.   602-604-3100
      5353 North 16th Street, Suite 400
        Phoenix, Arizona   85016-3228

