[wplug] netstat and a worrying connection
Terence J. Golightly
t.golightly at verizon.net
Thu Nov 12 13:03:29 EST 2009
Brian,
>On Thu, 2009-11-12 at 10:55 -0500, Brian A. Seklecki wrote:
> On Thu, 2009-11-12 at 09:35 -0500, Terence J. Golightly wrote:
> > I will be googling, but thought one of you security experts
>
> I would use pfctl(8) -F on pf(4) to flush a specific state from the
> table. That will cause the forwarding device / upstream router (or
> localhost if you have it enabled).
I pfctl available on Debian system's? an aptitude search doesn't show
it in the repositories for Ubuntu.
>
> Either that, or insert a temporary rule that does "block
> return-rst" (Which will force the client to reset the kernel socket
> structure) for the specific source/destination address.
I'm using Shorewall on my box and my Actiontec mixxxxxx has a builtin
firewall. I'm not too savvy regarding setting up rules. I know how to
open a port on my local firewalls.
>
> Most PF users have a pf(4) table (<wankers>) and a referenced standby
> rule for use in DDoS situations.
again another BSD utility. I'll google some more
Thanks for your reply
Terry
> _______________________________________________
--
Terence J. Golightly <t.golightly at verizon.net>
SOHO
More information about the wplug
mailing list