[olug-colo] IRC policy

Phil Brutsche phil at brutsche.us
Fri Apr 3 21:36:45 EDT 2009

The technological means are easy - have the router drop packets with the
TCP SYN flag set destined for whatever port number IRC uses (6667?).

The monitoring is easy - a firewall rule to allow but log said traffic.
We'll need people watching logs anyway.

Incidentally that's one of the advantages of running an IDS ;)

Dan Clough wrote:
> Unless there's some affordable technological means of preventing use,
> I'd say we're better off using the honor system and occasionally
> monitoring port usage for suspicious boxen.


Phil Brutsche
phil at brutsche.us

More information about the olug-colo mailing list