DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD Security

FreeBSD Security Securing FreeBSD.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 3rd December 2013
irukandji irukandji is offline
New User
 
Join Date: Jul 2013
Posts: 9
Thanked 0 Times in 0 Posts
Default PF dynamic adding of ips to table (booby trap port)

As i have only few ports opend to the internet within the service range i would like to booby trap others to block any host that sends tcp or udp packet to any of them.

What i am having problem with is dynamically adding the offending ip to the table (most likely port scan), something like:

table <honeypot> persist
block quick from <honeypot>
pass in on em0 proto tcp from any to any port 1:24 "add ip to" <honeypot>

The problem is that i cant find syntax to add the ip sending the packet to the honeypot table, is this even possible? The overload has this possibility but this is not about the connection count as the handshake is not even done yet - there should be no traffic so any kind of tcp packet should be enough to get blocked.
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security Web server backdoor also booby traps lighttpd and NGINX J65nko News 0 8th May 2013 09:50 PM
opera bug in openbsd 5.1 release with Abort Trap message daemonfowl OpenBSD Packages and Ports 2 26th May 2012 06:42 AM
why won't my table work? tomp OpenBSD Security 3 25th August 2011 12:23 PM
Fatal trap 12: page fault while in kernel mode sixshot FreeBSD General 11 18th July 2008 12:53 AM
Ajax dynamic table/spreadsheet robbak Programming 1 7th June 2008 10:33 PM


All times are GMT. The time now is 02:35 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick