24 Mar
2008
24 Mar
'08
8:01 p.m.
Paul Vixie wrote:
i only use or recommend operating systems that have their own host based firewalls. soon that will mean pf (from openbsd but available on freebsd)
pf's tables are nifty too btw :) pfsense, which is FreeBSD + pf, also has a port of snort IDS available. Provided the OP has a signature of the attack he can match on, there's a wholly open-source solution (I know snort can be configured inline to drop packets on a filtering bridge, but of course you've got the problems of half-open connections accumulating as well as the potential for migration to https).