Stop Script
Ian Jones
ian@dsl081-056-052.sfo1.dsl.speakeasy.net
10 Oct 2001 06:45:06 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
"Richard La Bella" <rlabella@netxtreme-fl.com> writes:
> Does anyone know of a way (perhaps a script) that can kill outbound
> connections from the private LAN to the Internet after a set period based on
> tcp -syn, session state, time, etc. I run a honeynet and need to be sure
> that systems exploited from the inside cannot be used to DOS or attack
> systems on the outside.
If you poke around at the Honeynet site you can find the scripts that
they use for rate-limiting and notification. You can use the limit
module to control how many outbound connections are allowed, but I am
not familiar with any way to time out a connection. I would be more
worried about a compromised host scanning or DoSing.
-----BEGIN PGP SIGNATURE-----
Comment: Keeping the world safe for geeks.
iD8DBQE7xFDWwBVKl/Nci0oRAvW7AJ9xAZyl+fjmHJYsUREjHRoaca6jCACgmSdo
jDzDqPk60cGPhyOJ3ZE8e7Y=
=pltp
-----END PGP SIGNATURE-----
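
The rate limiting with the iptables limit module that the reply mentions, as an added example (not part of the original message and not the Honeynet Project's own script). The interface names, subnet, limits and the HONEY_OUT chain name are constructed placeholders; the function only prints the rules so they can be reviewed before being applied.

```shell
#!/bin/sh
# Added example: cap NEW outbound connections from a honeynet LAN with the
# iptables "limit" match. All values below are constructed placeholders.
LAN_IF="${LAN_IF:-eth1}"              # interface facing the honeynet
WAN_IF="${WAN_IF:-eth0}"              # interface facing the Internet
HONEYNET="${HONEYNET:-192.168.1.0/24}"
SYN_LIMIT="${SYN_LIMIT:-15/hour}"     # token refill rate for new TCP connections
SYN_BURST="${SYN_BURST:-15}"          # bucket size: connections allowed at once
UDP_LIMIT="${UDP_LIMIT:-20/hour}"
UDP_BURST="${UDP_BURST:-20}"

# Print the rule set in order. "limit" is a token bucket shared by every host
# that hits the rule, so the cap applies to the honeynet as a whole.
honeynet_rules() {
    match="-i $LAN_IF -o $WAN_IF -s $HONEYNET"
    cat <<EOF
iptables -N HONEY_OUT
iptables -A FORWARD $match -j HONEY_OUT
iptables -A HONEY_OUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A HONEY_OUT -p tcp --syn -m limit --limit $SYN_LIMIT --limit-burst $SYN_BURST -j ACCEPT
iptables -A HONEY_OUT -p udp -m state --state NEW -m limit --limit $UDP_LIMIT --limit-burst $UDP_BURST -j ACCEPT
iptables -A HONEY_OUT -m limit --limit 6/minute -j LOG --log-prefix "HONEYNET-OUT-DROP: "
iptables -A HONEY_OUT -j DROP
EOF
}

# Rule order matters:
#  1. Replies on connections an outsider opened to a honeypot stay allowed.
#  2. New outbound TCP/UDP is accepted only while tokens remain in the bucket.
#  3. Everything over the limit is logged (itself rate limited) and dropped,
#     which is what contains a scan or flood from a compromised host.
if [ "${1:-}" = "--print" ]; then
    honeynet_rules
fi
```

Run as root with the output piped to `sh` to load the rules. As the reply notes, this caps how many connections can start but does not time out a connection that is already established.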