January 02, 2005
Adaptive Firewalls with Snort and SnortSam

I was browsing around some stuff for setting up Snort on my network and came across a link to SnortSam, which lets you modify your firewall based on Snort IDS rules. I'm thinking this will go a long ways towards setting up a way to kill off some of the comment spammers. IE: set up a rule that will detect if someone tries to hit mt-comments from the same IP more than say, once per second and then block them for an hour (or send a pingflood back to them, with a big "screw you spamming asshole" written on the nose, whichever you prefer :)

Posted by Arcterex at January 02, 2005 10:57 AM