[Cerowrt-devel] blocking probes...

Sebastian Moeller moeller0 at gmx.de
Sun Jan 13 00:01:25 EST 2013

Hi Dave,

On Jan 12, 2013, at 20:50 , Dave Taht wrote:

> one of the underused features of cerowrt is that I stuck a sensor on
> xinetd to detect attempts to telnet or ftp to the router and cut off
> access to some other services, notably ssh.
> I would have loved to extend this facility to either do it entirely in
> iptables or leverage xinetd to talk to iptables to (for example)
> disable access to the web server.
> I'm curious if anyone elses server logs ever show something like this
> in the Real World:
> Jan 12 20:44:02 europa daemon.crit xinetd[3273]: 3273 {process_sensor}
> Adding to the global_no_access list for 120 minutes
> And I'm curious as to what more fully blown tools like this already exist.

	This sounds remotely like a sort of reverse port knocking system, where you would connect to certain ports before allowing say ssh on some unusual port. You probably know this but on the off chance it might be news… 


> -- 
> Dave Täht
> Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
> _______________________________________________
> Cerowrt-devel mailing list
> Cerowrt-devel at lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cerowrt-devel

More information about the Cerowrt-devel mailing list