Popular Posts

• Permanently Ban Repeat Offenders With fail2ban (UPDATED)The fail2ban suite is a very useful tool in the battle against brute force login attempts. Where it's capabilities broke down for me, however, was in addressing repeat offenders. This post includes a configuration to permanently block repeat offenders using the iptables firewall.
• iptables Processing Flowchart (Updated Often)I've created a flowchart that details the flow traffic takes through the various tables and chains of the Linux iptables firewall.
• Comcast Sets Customers Up as Phishing TargetsToday I received an e-mail message from Comcast extolling the [...]
• Logstash: BFD (Big Forensic Data)Presentation video and slides from last week's Security Weekly show, where I talked about Logstash in forensic investigations.

Recent Posts

• CDN, TLS, and WordPress - Oh My!This is a post that details how, after a great [...]
• Logstash: BFD (Big Forensic Data)Presentation video and slides from last week's Security Weekly show, where I talked about Logstash in forensic investigations.
• Slides from SANS @Night, Bangalore IndiaI really enjoyed giving a SANS @Night talk in Bangalore, [...]
• iptables Processing Flowchart (Updated Often)I've created a flowchart that details the flow traffic takes through the various tables and chains of the Linux iptables firewall.

Comments

• Phil HagenAh yes - nat/OUTPUT does allow that now. Hence the
• Bowserthanks for your reply. But, I check all the h
• Phil HagenAny packet generated by a local process - whether
• Bowserthanks. can you explain “Locally-generated Pack

Tags