Tonight, I got an early copy of a book on firewalls to read and review for No Starch Press. It has a solution for the problem described on this blog a few days ago: The tools for the script kiddies today are seriously heavy.
The solution described in the book is elegant and simple: combine different tools for network intrusion detection with tools for network exploitation, and make them control parts of the Iptables system (see the unreliable guides, from the original head behind Iptables, for more information about it).
The result is (according to the author) a firewall better qualified for blocking the blackhats than any other firewall I've seen / heard of / read about. There are many closed-source firewalls that claim to be able to do that; this book describes the only sensible solution seen so far (including the PF-based systems).
This weekend is probably too busy, but one of these nights I'm going to make a firewall as described in the book – and see what results one gets by having and using a firewall like that.