 From:  "Ron Carter" <wcarterjr at earthlink dot net>
 To:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Latest virus kills m0n0wall
 Date:  Mon, 13 Aug 2007 22:50:09 -0400
I am using pfSense and I am using Snort as well. It seems to do a good job.
----- Original Message ----- 
From: "Chris Buechler" <cbuechler at gmail dot com>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Monday, August 13, 2007 9:36 PM
Subject: Re: [m0n0wall] Latest virus kills m0n0wall

> On 8/13/07, Alex Neuman van der Hans <alex at nkpanama dot com> wrote:
>> This sounds like a pretty sound argument not only for hotels but several
>> other types of installations. One thing I'd like to know is... does
>> pfSense have some form of a "limit connections" rule per-ip or per-port?
> Yes. pf offers a lot more capabilities in this area than ipf,
> including simultaneous client connection limit, max state entries per
> host, max new connections per second, and individual state timeout,
> all on a per-rule basis. All of which are in the pfSense GUI. So you
> have a LOT of flexibility with pfSense that m0n0wall can't offer
> because ipf doesn't support those things. So it could stop this from
> ever becoming an issue.
> It'll still generate support calls since the worm will take up all the
> states that host is allowed and it's likely nothing else will work for
> that machine, but it won't affect anybody else which is the important
> thing.
> -Chris
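
The per-rule limits named in the quoted reply correspond to pf state options, shown here as a pf.conf fragment. This is an added example, not part of the thread and not pfSense's generated ruleset; the interface, network and every number are assumptions chosen for illustration.

```conf
# Added illustration. Macro values and all limits below are assumed.
lan_if  = "em1"
lan_net = "192.168.1.0/24"

# Without limits, one infected client can keep creating states until the
# global state table is full, which affects every host behind the firewall:
#
#   pass in on $lan_if inet proto tcp from $lan_net to any flags S/SA keep state
#
# With per-source limits set on the rule itself:
#   max-src-states    max state entries per host (counts every state the rule
#                     creates for that source, half-open ones included)
#   max-src-conn      simultaneous client connection limit (TCP connections
#                     that completed the three-way handshake)
#   max-src-conn-rate max new connections per interval, here 15 per 5 seconds
#   tcp.established   state timeout, in seconds, for this rule only
pass in on $lan_if inet proto tcp from $lan_net to any flags S/SA keep state \
    (source-track rule, \
     max-src-states 200, \
     max-src-conn 100, \
     max-src-conn-rate 15/5, \
     tcp.established 3600)
```

A host that reaches its own limits stops getting new states from this rule, while the remaining entries in the state table stay available to other clients. The per-source counters can be inspected with `pfctl -s Sources`.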