[Cerowrt-devel] blocking probes...

Dave Taht dave.taht at gmail.com
Sat Jan 12 23:50:23 EST 2013


one of the underused features of cerowrt is that I stuck a sensor on
xinetd to detect attempts to telnet or ftp to the router and cut off
access to some other services, notably ssh.

I would have loved to extend this facility to either do it entirely in
iptables or leverage xinetd to talk to iptables to (for example)
disable access to the web server.

I'm curious if anyone elses server logs ever show something like this
in the Real World:

Jan 12 20:44:02 europa daemon.crit xinetd[3273]: 3273 {process_sensor}
Adding 190.185.12.121 to the global_no_access list for 120 minutes

And I'm curious as to what more fully blown tools like this already exist.

-- 
Dave Täht

Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html



More information about the Cerowrt-devel mailing list