6 Sep
2003
6 Sep
'03
01:13
I saw that from some time iptables have a TARPIT rule, useful for slowing down port/vulnerabilities scans, virus tries and things like that, but, how safe or stable is it to activate it by default for anything not enabled earlier? Including it in SuSEFirewall or other firewalls don't look hard, for SuSE firewall look like just putting it in the SuSEFirewall2-custom (probably in the fw_custom_before_denyall) will do the work, but, the support of that rule is not in the bundled iptables (at least, not in the 8.2 one), what is the best way to upgrade it? (of course, if its safe to enable it)