IPCHAINS Help
beesond001 at hawaii.rr.com
beesond001 at hawaii.rr.com
Sat Oct 20 00:35:00 PDT 2001
Warren,
I saw that article in LinuxToday. So far my list isn't too long, but
you bring up a good point, maybe I would write a script to check that
length once in a while.
Ben
>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<
On 10/18/01, 11:00:08 PM, "Warren Togami" <warren at togami.com> wrote
regarding [luau] Re: IPCHAINS Help:
> Re: [luau] Re: IPCHAINS HelpPortsentry WONT miss anything, but be careful
to
> clear your TCP wrappers and routes every few weeks or so, because the
list
> may become very long and increasingly hamper performance over time.
There
> is also the chance that through spoofing erroneous hosts were added to
your
> blacklist, effectively cutting yourself off from those hosts.
> I highly recommend turning off the automatic portsentry blacklisting,
> because it is far too easy for someone to add hundreds or even thousands
of
> hosts to your blocks. A few months ago there was an link from LinuxToday
> about this guy who wrote a daemon that will allow you to auto-block hosts
> for a certain period of time, say 1-6 hours, then unblock them. That
would
> cut off attacks in progress, while not clogging up your system with many
> permanent blocks.
More information about the LUAU
mailing list