Open Source and information security mailing list archives
Date: Wed, 9 Apr 2014 23:33:49 +0200
From: Juergen Christoffel <jc@...er.net>
To: fulldisclosure@...lists.org
Subject: Re: [FD] heartbleed OpenSSL bug CVE-2014-0160

On Wed, Apr 09, 2014 at 09:24:25PM +0200, Reindl Harald wrote:
>
>iptables logging needs to be rate-limit always because how it works
>otherwise you have a problem the first time it really happens seriously

Using limits is sensible, yes. But

> -m limit --limit 1/m

this might be a bit too restrictive to gather data on attempts at
heartbleeding. And --hashlimit might be more appropriate too as it keeps a
counter per IP address.

	--jc

-- 
  A great many of today's security technologies are "secure" only because
  no-one has ever bothered attacking them. -- Peter Gutmann


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
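
A simplified model of the point made in the message above, as an added example that is not part of the original post: one shared token bucket (the behaviour of `-m limit --limit 1/m`) compared with one bucket per source address (what hashlimit keeps). The burst of 5, the traffic pattern and the addresses are constructed assumptions.

```python
from collections import defaultdict

INTERVAL_MS = 60_000   # one credit per minute, i.e. --limit 1/m
BURST = 5              # assumed burst size for this model


class Bucket:
    """Integer token bucket: holds up to BURST packets' worth of credit."""

    def __init__(self):
        self.credit = BURST * INTERVAL_MS
        self.last = 0

    def allow(self, now_ms):
        # Credit grows with elapsed time, capped at the burst size.
        self.credit = min(BURST * INTERVAL_MS, self.credit + now_ms - self.last)
        self.last = now_ms
        if self.credit >= INTERVAL_MS:
            self.credit -= INTERVAL_MS
            return True
        return False


def logged_per_source(events, per_source):
    """Return {src: log lines written} for a shared or a per-source bucket."""
    shared = Bucket()
    per_ip = defaultdict(Bucket)
    logged = defaultdict(int)
    for ts, src in sorted(events):
        bucket = per_ip[src] if per_source else shared
        if bucket.allow(ts):
            logged[src] += 1
    return dict(logged)


def sample_events():
    """Constructed traffic: one noisy source plus two brief ones (RFC 5737 addresses)."""
    events = [(t * 1000, "192.0.2.10") for t in range(600)]  # 1 packet/s for 10 min
    events += [(120_500, "198.51.100.7"), (300_500, "203.0.113.44"), (301_500, "203.0.113.44")]
    return events


if __name__ == "__main__":
    print("shared bucket :", logged_per_source(sample_events(), per_source=False))
    print("per-source    :", logged_per_source(sample_events(), per_source=True))
```

With the shared bucket the noisy source uses up every credit, so the two brief sources never appear in the log; with per-source buckets each of them is recorded while the noisy source is still held to the same rate.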
