Search results

I use the comcastic business class and have a block of 13 static ip's. After a lot of problems, it's now pretty damn solid and with some configuration tuning I've been able to get 30000+/kbps / 4000+/kbps

FYI.. this project is still continuing.. I've just been having to take care of some family things lately that have been impacting the speed of development.

If there's enough interest, I may be willing to release the alpha code for the blocking portion of AsteRBL. The one caveat though is that the most effective RBL at the moment is the all foreign ip's one. It effectively blocks 99% or more of all voip attacks by stopping foreign addresses. I'll...

awesome! that's totally something that I was hoping to add at some point. I'll have to see if he minds us using it...

Check this out.. 48 hours of running the RBL and here's what it caught already! Chain CUSTOMRBL (1 references) target prot opt source destination DROP all -- 221.224.78.249 asterhome DROP all -- 221.224.78.248 asterhome DROP all --...

I think there's a misconception about what I mean by that. OSSEC works via a collector (backend) and agents. The agents feed the backend but the backend still resides on your system(s) and is controlled by you. That feature is really for larger voip networks so that they can trigger an action...

BTW.. alpha testers needed..

Update (Shell Accounts Wanted) I have the RBL functional now, banning hosts including in the RBL, doing the lookups, etc. At this point I need to do a bunch of testing and to do that I need shell accounts so I can connect to various dest ip/port combinations on the server and check to see the...

as it turns out, this blocklist wont strictly be limited to asterisk by the simple fact that it is firewall based and doesn't rely on modifying applications. Since you specify which ports you want it to work on, and which of the rbl's to pull from, you could set it up for smtp, imap, or...

Ward, I'd very much appreciate seeing what ya'll have done with Sushi and how you're identifying the individual installations. My plan is to have this be a distributed system similar to the way Dundi uses peers so that any DDoS is pretty much worthless as it wont even stop one site let alone...

Just a quick update: Got the packet sniffing daemon functional. Got the iptables test code functional. Currently adding RBL client support.

My pleasure Ward. There's an expect module for Perl as well if you ever need it.

expect It's just easier to do it with expect than it is to do it in bash. :)

I hear you. I have an idea about how to fix that but it has some risks because it would interface with the kernel itself. 2 ways of doing it would be selinux and/or kernel modules.

Joe, I'm planning on using OSSEC for part of it actually and have it running on my systems already. As for the centralized shutdown, I think the ossec correlation engine should be capable of shutting down servers that are obviously breached. One option instead of a shutdown is to put a deny...

I've begun working on a Security Suite (cool name to follow) that I'm going to need some testers for in the near future. Features of the Security Suite (will) include: Distributed (DDoS safe) blocking of known attackers for all protocols (it uses the firewall rather than modifying application...