George Viera recently mentioned using -m string to filter 'bad' packets.
Is there supposed to be a pre-requisite to the following command?
iptables -A INPUT -m string --string 'cmd.exe' -j DROP
(actually, I'm attempting this:)
iptables -A FORWARD -m string --string 'cmd.exe' -j DROP
I get an "iptables: No Chain/target/match by that name" error. I sense that it's complaining about '-m string'. I applied the string.patch and recompiled the kernel already. (Btw, I'm using Slackware w/ 2.4.21 kernel.)
Btw, how do I tell if the kernel contains the said patch?
Any help appreciated.
I realize this will slow the system down a bit, but at this point I'm just testing out the option.