 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Ward Vandewege wrote: >> What are you using to integrate p0f with your MTA? > > Just a bunch of exim rules that call a (slightly modified version of) the p0f > client. What p0f client? The readme referenced a sample query client command line tool (p0fq). Is it that? So each inbound message fires off a command line process? Doesn't exim support milters or something similar to Postfix's policy servers? Having a little Perl daemon provide the glue between one of those interfaces and the p0f socket seems like the way to go. >> What specific rules are you using? > > I'm doing selective greylisting. If the other side runs Windows, I greylist. OK, but are you using the p0f option to generally categorize the OS (-D), rather than trying to determine the specific OS? Are you doing anything with the link type data? > ...afaict there are no vista signatures in the default > p0f database. Ack, looks like the package I'm playing with has databases that date back to 2004. No wonder. Though the ones from the main site (both production and development snapshot) are from 2006. Is there a source for better signature databases? -Tom -- Tom Metro Venture Logic, Newton, MA, USA "Enterprise solutions through open source." Professional Profile: http://tmetro.venturelogic.com/ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Discuss mailing list [hidden email] http://lists.blu.org/mailman/listinfo/discuss
