Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

honeypots logo Honeypots mailing list archives

Re: Honeypots
From: "Michael" <michael () insulin-pumpers org>
Date: Mon, 19 Jan 2004 17:33:03 -0800
SpamCannibal blocks spam at the origination server and can be
configured to block DoS attacks.

SpamCannibal uses a continually updated database containing the IP
addresses of spam or DoS servers and blocks their ability to connect
using a TCP/IP tarpit, ideally bringing the spam server to a virtual
halt for a long time or perhaps indefinitely. This effectively
eliminates the network traffic to your site because the spam never
leaves the origination server. Widely deployed, SpamCannibal can help
eliminate spam from the internet.

The operative piece of this gadget is

IPTables::IPv4::DBTarpit

a module based on Linux IPTABLES that uses the BerkeleyDB database to 
store IP addresses and other selected information about spammers.

Full documentation for SpamCannibal and all the modules is on the 
SpamCannibal home page and everything is downloadable from CPAN. 
Prerequisites on the DOWNLOAD page of

    http://www.spamcannibal.org   

docs are on the Documentation page.

Mail::SpamCannibal    CPAN
IPTables::IPv4::DBTarpit   CPAN

I'd be happy to answer any questions. Have two systems that have been 
running since Aug '03. 

Also running Tom Liston's labea + LaBrea::Tarpit reporting modules
at
scans.bizsystems.net
and
probes.bizsystems.net

Michael
Michael () Insulin-Pumpers org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]