Active Response Examples
In this section, we'll dive into a few juicy examples of using psad in active response mode, and we'll show how it detects and blocks an IP address that is consistently scanning a Linux system that has iptables facilities enabled. All active response examples in this section use the standard network diagram in Figure 8-1. As usual, the default iptables policy from the iptablesfw script in "Default iptables Policy" on page 20 is in place on the firewall.
Figure 8-1. Default network diagram
Active Response Configuration Settings
Given the highly configurable nature of psad, the active response examples in this ...