Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Mon, Oct 02, 2006 at 03:59:33PM -0400, John Abreau wrote: > I dealt with it by blocking the ip addresses with > > route add -net 211.152.33.0/24 reject > > which interrupted the attack before the server could lock up. > And I just got yet another alert, a few minutes ago; these > assholes seem determined to break in. > > One concern I have is that these routes will gradually > clog up my routing table. Also, this machine is our external > mail server, and we have customers in China, so I can't just > block off all of China. TCP Wrappers -- vsftpd.conf: tcp_wrappers limit connectivity per IP: vsftpd.conf: max_per_ip limit connectivity over-all: vsftpd.conf: max_clients use limiting features of xinetd or other wrapper use the firewall's blocking features -- this is hidden behind a firewall, right? use an RBL lookup before granting access; maintain your own RBL. -dsr- -- .-.. -... .... . --.. .-. ..-. ..-. -. - .-. ...- ..-. -... --- ..-. .--. .-. .- .-. ...- .- ..-. -... --.. .-. -.-. -. . --. -... ... --. ..- .-. .--- -... . -.-- --.- ..-. ..- ...- --. ..-. -... ...- ..-. --. ..- ...- ..-. -... .- .-. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |