mirror of
git://git.code.sf.net/p/xtables-addons/xtables-addons
synced 2025-09-22 12:34:58 +02:00
xt_TARPIT: honeypot and reset modes
Honeypot mode attempts to maintain a normal connection for the purpose of capturing payload packets. Reset mode provides the ability to send a reset packet in lieu of using the DROP or REJECT targets.
committed by
Jan Engelhardt

parent
1a5c079e6b
commit
fa1348455d
@@ -13,4 +13,10 @@ config NETFILTER_XT_TARGET_TARPIT
|
||||
This offers similar functionality to LaBrea
|
||||
<http://www.hackbusters.net/LaBrea/>, but does not require dedicated
|
||||
hardware or IPs. Any TCP port that you would normally DROP or REJECT
|
||||
can instead become a tar pit.
|
||||
can instead become a tar pit or honeypot. All 3 modes may be used
|
||||
in iptables rules interchangably and simultaneously.
|
||||
|
||||
A honeypot option is available which will answer connections normally
|
||||
and allow the remote to send data packets that may be captured in a
|
||||
pcap for later analysis. A reset mode is also available that will only
|
||||
send an inline reset (RST).
|
||||
|
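Review bot: The added help text says "All 3 modes may be used in iptables rules interchangably and simultaneously" in a sentence that names only "tar pit or honeypot"; reset mode is not introduced until the following paragraph, so a reader of the Kconfig help cannot tell what the third mode is at that point. Suggest naming all three up front (tar pit, honeypot, reset) or moving the "All 3 modes" sentence after the paragraph that describes honeypot and reset. "interchangably" should be spelled "interchangeably". The honeypot paragraph says data packets "may be captured in a pcap for later analysis" without saying what performs the capture; if the target only keeps the connection answering and the capture has to be done by a separate tool, the help text should say so, so that nobody enables the option expecting payloads to be recorded by the module itself.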