[93650] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: DNS - connection limit (without any extra hardware)

daemon@ATHENA.MIT.EDU (Petri Helenius)
Sun Dec 10 15:51:27 2006

Date: Sun, 10 Dec 2006 22:50:24 +0200
From: Petri Helenius <pete@he.iki.fi>
To: Hank Nussbacher <hank@efes.iucc.ac.il>
Cc: nanog@nanog.org
In-Reply-To: <Pine.LNX.4.64.0612102143330.20233@efes.iucc.ac.il>
Errors-To: owner-nanog@merit.edu


Hank Nussbacher wrote:
> On Sun, 10 Dec 2006, Petri Helenius wrote:
>
>>> Virtual patching.
>>
>> How do I virtual patch the machine in ireland which attacked my mail 
>> server just a few minutes ago?
>
> You don't patch the machine in Ireland, but once your "virtual 
> patching box" identifies a hostile system and identifies what it is 
> infected with, it can then do the virtual patching on your end so that 
> all subsequent pkts entering from that machine in Ireland are cleaned 
> and no longer hostile.
Does it reset the evil bit too?

Pete


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[93650] in North American Network Operators' Group

Re: DNS - connection limit (without any extra hardware)

daemon@ATHENA.MIT.EDU (Petri Helenius)Sun Dec 10 15:51:27 2006

daemon@ATHENA.MIT.EDU (Petri Helenius)
Sun Dec 10 15:51:27 2006