How can i make a file server "not allow any more connections" if someone tries to click on it too many times for about a few seconds or so. Some people think trying to crash important servers is fun......... The file server is running linux samba.

Thanks

Check out this link (http://www.securityfocus.com/infocus/1729)
which explains how to setup a defense for the type of attack you mention on both Windows and Linux.

If you use IPtables the following (http://zedomax.com/blog/2007/12/03/diy-linux-dos-hack-howto-limit-your-the-max-number-of-tcp-connections-to-your-web-server/) may be useful too.


Hope this helps :)

Can i use this program to do this for internal and external interfaces?

http://www.snort.org/

Intrusion and prevention system

Sure, you should take a look at the snortsam (http://www.snortsam.net/) plugin.

Snort will send commands to snortsam, based on how its rules are setup, Snortsam in turn will interface with your firewall to block attacks for a time limit you define in the snort rule.

You will need to play around with your "DOS" rules and snortsam configuration to get snortsam working correctly for your network.

Hope this helps :)