3APA3A <3APA3A@SECURITY.NNOV.RU> wrote:

> III. Details
>
> Inetd has an option
> -R rate ... default is 256 ...
> ... if more than 256 connections received in one minute [inetd] will
> disable service for next 10 minutes ...
> ... IP address of attacker will never be logged.
>
> IV. Workaround
>
> -R 0 -s your_ad_can_be_here

I guess you are trying to say that xinetd is more configurable than inetd.
Yes, it is known that with inetd you need tcp_wrappers to log attack IPs.

Your cure is worse than the disease: rate limiting allows a DoS against
the service, no limit allows a DoS against the whole machine.

Cheers,

Paul Szabo - psz@maths.usyd.edu.au  http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics  University of Sydney   2006  Australia
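
The trade-off discussed in this message, as an added example that is not part of the original post and is not inetd's code: a simplified Python model of the quoted `-R` behaviour, built only from the 256-per-minute and 10-minute figures quoted above. The sliding window, the refusal of the connection that crosses the limit, and the traffic sample are assumptions of this model.

```python
from collections import deque

WINDOW_S = 60     # "in one minute"
DISABLE_S = 600   # "disable service for next 10 minutes"

def simulate(events, rate=256):
    """Replay (time_s, source) events against one service.

    rate=0 models -R 0 (no limit). Returns (served, refused, disable_times);
    served/refused map source -> count. Assumption of this model: the
    connection that crosses the limit is itself refused.
    """
    served, refused, disable_times = {}, {}, []
    recent = deque()          # timestamps of accepted connections in the window
    disabled_until = None
    for t, src in sorted(events):
        if disabled_until is not None and t < disabled_until:
            refused[src] = refused.get(src, 0) + 1
            continue
        while recent and t - recent[0] >= WINDOW_S:
            recent.popleft()
        recent.append(t)
        if rate and len(recent) > rate:
            # The counter is per service, so this record has no source address.
            disable_times.append(t)
            disabled_until = t + DISABLE_S
            recent.clear()
            refused[src] = refused.get(src, 0) + 1
            continue
        served[src] = served.get(src, 0) + 1
    return served, refused, disable_times

def sample_traffic():
    """Constructed input: one client every 30 s for 15 min, plus a 300-connection burst."""
    client = [(t, "client") for t in range(0, 900, 30)]
    burst = [(65 + i // 10, "burst") for i in range(300)]
    return client + burst

if __name__ == "__main__":
    for rate in (256, 0):
        # rate=256: the regular client is refused for the whole disable period.
        # rate=0: every connection is accepted, so every one spawns a server.
        print(rate, simulate(sample_traffic(), rate))
```

With the limit, the regular client loses 20 of its 30 connections and the only record of the event is a timestamp; with `-R 0` all 330 connections are accepted, which is the load on the whole machine that the reply warns about.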