I am proud to announce the release of AS_IPFW 4.0. AS_IPFW is designed to be a firewall API, but also has some rulesets that can be used as-is in many situations.

Version 4.0 adds support for kernel-level iptables-based STEALTH SCAN (TCP half-open) detection -- a first, according to my research (with a nameful search engine). It also dramatically slows down TCP FNX (FIN/NULL/XMAS) scans -- by more than 50000%, and UDP by more than 65000%! On top of that, it provides false information back, doing its best to hinder and confuse hostile actions. You are welcome to read the "Technical Details" I have written if you are interested (that's what has delayed this release so long).

Some parts of AS_IPFW 4.0 have not yet received thorough testing (as is usual with x.0 releases). You are encouraged to do so, but beware, it takes kernel and iptables patches to get it going.

A big thanks goes out to the creators of the CONNMARK, RANDOM, REJECT, TARPIT and goo matches/targets, which make up the essence of this release.

http://freshmeat.net/p/AS_IPFW/