Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Firewall on Teardrop Attack!!!
Special Forums IP Networking Firewall on Teardrop Attack!!! Post 302454436 by Neo on Saturday 18th of September 2010 08:18:34 AM
Old 09-18-2010
OpenBSD's pF is a stateful firewall that can act as a proxy for connections. The connection handshake is validated (with the client) instead of just forwarding the packet on to the destination. It is available for other BSDs as well, also known as a synproxy.

What firewall architecture are you currently using?
 

7 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Bruteforce attack on my pc

since putting my pc online, it keeps getting slower and i dig the logfile to have such a surprise: this is just one of a many and I beleived it's a bruteforce attack how do i block this IP 200.41.81.228 from trying to knock my online pc? my system: FreeBSD testing.net 6.2-STABLE-JE... (6 Replies)
Discussion started by: rdns
6 Replies

2. Cybersecurity

Replay Attack

REPLAY ATTACK. Can some one elobrate on measures to encounter this problem of replay atack on network. (3 Replies)
Discussion started by: Ashvin Gaur
3 Replies

3. Cybersecurity

What I think is a DoS attack

About 3 days ago our Apache logs started filling with the following errors: mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows) OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified These initially were... (1 Reply)
Discussion started by: ccj4467
1 Replies

4. Cybersecurity

Found attack from

Hi, I have a belkin router installed and a look at the security log has got me worried a little bit. Security log: Fri Jan 29 20:41:46 2010 =>Found attack from 68.147.232.199. Source port is 58591 and destination port is 12426 which use the TCP protocol. Fri Jan 29 20:41:46 2010 ... (1 Reply)
Discussion started by: jld
1 Replies

5. Cybersecurity

Network attack - so what?

In my logs I find entries about attacks on my system. I know IP addresses, I know date and time and I know what they tried to do. So what's the best I can do now? Tell everybody that there are cybercriminals on that network? Write an email to their admin? Anything else? (10 Replies)
Discussion started by: Action
10 Replies

6. Cybersecurity

UUCP attack?

Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning: What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies

7. Emergency UNIX and Linux Support

DDOS attack please help!

Dear community, my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql. I identified the IPs who attack me and block it through iptable firewall from debian. Something like: iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies

LEARN ABOUT DEBIAN

welf_proxy2dlf

WELF_PROXY2DLF.IN(1)					  LogReport's Lire Documentation				      WELF_PROXY2DLF.IN(1)

NAME

       welf_proxy2dlf - convert logs in WebTrends Enhanced Log Format to proxy DLF

SYNOPSIS

       welf_proxy2dlf file

DESCRIPTION

       welf_proxy2dlf converts firewall logs in the WebTrends Enhanced Log Format into the proxy DLF.

       That format is defined at the following URL: http://www.netiq.com/partners/technology/welf.asp

       This converter also supports the SonicWall extensions.

       A list of firewall products that supports that format can be found at the following URL: http://www.netiq.com/products/fwr/compatible.asp

EXAMPLES

       To process a log as produced by a WebTrends proxy:

	$ welf_proxy2dlf < welf-proxy.log

       welf_proxy2dlf will be rarely used on its own, but is more likely called by lr_log2report:

	$ lr_log2report welf_proxy < /var/log/welf-proxy.log

IMPLEMENTATION NOTES

       Welf log files contains information about many applications: proxies, packet filters, IDS. IDS and packet filters information is handled by
       the firewall superservice, whereas the proxy information is handled by the proxy supersevice.

       This converter will only convert records with a proto, src and dst field. All other records are ignored (they won't be ignored by the
       firewall superservice).

SEE ALSO

       Lire::WELF(3) welf2dlf(1)

AUTHORS

       Francis J. Lacoste <flacoste@logreport.org>

VERSION

       $Id: welf_proxy2dlf.in,v 1.8 2006/07/23 13:16:36 vanbaal Exp $

COPYRIGHT

       Copyright (C) 2001 Stichting LogReport Foundation LogReport@LogReport.org

       This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by
       the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.

       You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with
       http://www.gnu.org/copyleft/gpl.html.

Lire 2.1.1							    2006-07-23						      WELF_PROXY2DLF.IN(1)
All times are GMT -4. The time now is 01:12 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy