O'Reilly logo

Linux Firewalls by Michael Rash

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Active Response Examples

In this section, we'll dive into a few juicy examples of using psad in active response mode, and we'll show how it detects and blocks an IP address that is consistently scanning a Linux system that has iptables facilities enabled. See the standard network diagram in Figure 8-1 for all active response examples in this section. As usual, the default iptables policy implemented by the iptablesfw script from "Default iptables Policy" on page 20 is implemented on the firewall.

Default network diagram

Figure 8-1. Default network diagram

Active Response Configuration Settings

Given the highly configurable nature of psad, the active response examples in this ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required