[Cerowrt-devel] blocking probes...
Michael Richardson
mcr at sandelman.ca
Sun Jan 13 15:22:00 EST 2013
>>>>> "Dave" == Dave Taht <dave.taht at gmail.com> writes:
Dave> one of the underused features of cerowrt is that I stuck a sensor on
Dave> xinetd to detect attempts to telnet or ftp to the router and cut off
Dave> access to some other services, notably ssh.
Dave> I would have loved to extend this facility to either do it
Dave> entirely in
Dave> iptables or leverage xinetd to talk to iptables to (for example)
Dave> disable access to the web server.
I didn't know that was there... what version does it start?
I get lots of probes... can I run this detector on port-22 (on the
outside) as well?
With the 3800s having dried up, I'm now really concerned... what if my
device blows up? and I've got nothing to experiment with.
I was planning to buy more in the new year (now), but I didn't do it
fast enough. Given that they have dried up now, I'm thinking that I
need to go back and replace my 3800 with something else that can run
cerowrt, or at least can run the QOS scripts.
I am not happy running my firewall as a VM, but I certainly could do
that...
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] mcr at sandelman.ca http://www.sandelman.ca/ | ruby on rails [
More information about the Cerowrt-devel
mailing list