[Cerowrt-devel] blocking probes...

Michael Richardson mcr at sandelman.ca
Sun Jan 13 15:22:00 EST 2013

>>>>> "Dave" == Dave Taht <dave.taht at gmail.com> writes:
    Dave> one of the underused features of cerowrt is that I stuck a sensor on
    Dave> xinetd to detect attempts to telnet or ftp to the router and cut off
    Dave> access to some other services, notably ssh.

    Dave> I would have loved to extend this facility to either do it
    Dave> entirely in 
    Dave> iptables or leverage xinetd to talk to iptables to (for example)
    Dave> disable access to the web server.

I didn't know that was there... what version does it start?
I get lots of probes... can I run this detector on port-22 (on the
outside) as well?

With the 3800s having dried up, I'm now really concerned... what if my
device blows up?  and I've got nothing to experiment with.

I was planning to buy more in the new year (now), but I didn't do it
fast enough.  Given that they have dried up now, I'm thinking that I
need to go back and replace my 3800 with something else that can run
cerowrt, or at least can run the QOS scripts.   
I am not happy running my firewall as a VM, but I certainly could do

]               Never tell me the odds!                 | ipv6 mesh networks [ 
]   Michael Richardson, Sandelman Software Works        | network architect  [ 
]     mcr at sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [ 

More information about the Cerowrt-devel mailing list