[SLL] collaborate on a dnsbl?

Jeremy C. Reed reed at reedmedia.net
Thu May 12 13:23:55 PDT 2005


On Thu, 12 May 2005, Russell Evans wrote:

> On Thu, 12 May 2005 12:48:26 -0700 (PDT)
> "Chuck Wolber" <chuckw at quantumlinux.com> wrote:
>
> > lately. I would love to have my servers dynamically add an iptables
> > rule to block ssh connection attempts.
>
>
> Why do you need ssh access from any but known hosts? ( Does that
> sentence work? ) I would think on servers, you would already block ssh
> connections from all hosts except from a trusted "management" host /
> network.

I would extend this packet filter list beyond just SSH. It would be
very useful for when Code Red/Nimda-type worms and email viruses repeatedly
attack.

At some ISPs, I used a simple script that watched web logs and then added
a route to blackhole automatically.

Blocking at the packet filter (or blackhole routing) level takes all load off
of the MTA and its related mail filtering.

And being able to share these known bad IPs with others is a great idea.

 Jeremy C. Reed

 BSD News, BSD tutorials, BSD links
 http://www.bsdnewsletter.com/
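
Added example, not part of the original message and not the script it mentions: a sketch of a web-log watcher that turns repeated Code Red/Nimda-style probes into blackhole route commands. The log lines are constructed, and the threshold, request signatures and allowlisted management network are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in Apache common log format (documentation/private IPs).
SAMPLE_LOG = """\
192.0.2.10 - - [12/May/2005:13:01:02 -0700] "GET /default.ida?NNNNNNNN HTTP/1.0" 404 276
192.0.2.10 - - [12/May/2005:13:01:03 -0700] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 280
192.0.2.10 - - [12/May/2005:13:01:04 -0700] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
198.51.100.7 - - [12/May/2005:13:02:00 -0700] "GET /index.html HTTP/1.1" 200 5120
198.51.100.7 - - [12/May/2005:13:02:05 -0700] "GET /docs/cmd.exe-notes.html HTTP/1.1" 200 900
203.0.113.5 - - [12/May/2005:13:03:00 -0700] "GET /default.ida?XXXX HTTP/1.0" 404 276
10.0.0.2 - - [12/May/2005:13:04:00 -0700] "GET /default.ida?NNNN HTTP/1.0" 404 276
10.0.0.2 - - [12/May/2005:13:04:01 -0700] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
"""

# Client address and request path from a common-log-format line.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+)')
# Request paths typical of Code Red (default.ida) and Nimda (root.exe, cmd.exe).
WORM_RE = re.compile(r'/default\.ida\?|/(?:root|cmd)\.exe\?', re.IGNORECASE)
# Assumed trusted management network: never blackholed, whatever it requests.
ALLOWLIST = [ipaddress.ip_network("10.0.0.0/8")]
THRESHOLD = 2  # assumed: worm-like requests needed before a block

def offenders(log_text, threshold=THRESHOLD):
    """Return sorted IPv4 addresses with at least `threshold` worm-like requests."""
    hits = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not WORM_RE.search(m.group(2)):
            continue
        try:
            # Strict parse: a hostname or junk in the client field is dropped
            # here and so can never reach a route command.
            ip = ipaddress.IPv4Address(m.group(1))
        except ValueError:
            continue
        if any(ip in net for net in ALLOWLIST):
            continue
        hits[ip] += 1
    return sorted(ip for ip, n in hits.items() if n >= threshold)

def blackhole_commands(log_text):
    """Render iproute2 blackhole routes; printed for review, not executed."""
    return [f"ip route add blackhole {ip}/32" for ip in offenders(log_text)]

if __name__ == "__main__":
    print("\n".join(blackhole_commands(SAMPLE_LOG)))
```

The single probe from 203.0.113.5 stays below the threshold and the allowlisted 10.0.0.2 is skipped, so only 192.0.2.10 is routed to the blackhole.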


