lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030813192301.31425.qmail@web80603.mail.yahoo.com> From: geggam692000 at yahoo.com (D B) Subject: OpenBSD protect windows update ? wouldnt something like this work in pf to prevent a syn flood ? im no expert at this so feel free to modify assuming xl0 is windows.update.com and xl1 is an internal network that serves the updates set loginterface xl0 set optimization aggressive set block-policy drop set limit { states 200000, frags 200000 } scrub in on $ext_if all fragment reassemble random-id nat on xl0 from xl1 to any -> xl0 rdr on xl0 proto tcp from any to any port 80 -> x11 port 8080 block in all port 80 flags FUP/FUP block in quick on x10 proto {tcp,udp,icmp} from any to any "....if all else fails, get a bigger hammer." D B __________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com
Powered by blists - more mailing lists