[Snort-users] tcp flood

Matt Kettler mkettler at ...4108...
Tue Mar 8 08:07:41 EST 2005


At 08:16 PM 3/7/2005, Joaquin Grech wrote:
>Matt,
>
>I am checking your solutions. I am looking into a way to do the limit
>through IPTables but I can't find a way to do so per ip (or if the attack is
>massive, per general connection). Do you know the command or where to get
>that extension you mention?

Erk, you're right, iptables --limit is on a per-rule basis, not on a per 
source address... 





More information about the Snort-users mailing list