Need help!

Jack quiet_celt at yahoo.com
Mon May 2 09:14:16 CDT 2005


--- Frank Wiles wrote:
> On Sun, 1 May 2005 20:27:02 -0700 (PDT)
> Jack <quiet_celt at yahoo.com> wrote:
> 
> > I have about half of the addresses blocked, but what is
> > the impact of adding 150 ip addresses to iptables with
> > potentially hundreds more over time? At what point
> > will iptables eat up all my bandwidth in blocking
> > addresses?
> 
>   Just to add to what Dave said... 
> 
>   I have a production server that is fairly low end hardware that
>   currently has 2952 iptables rules that block individual IPs, several
>   /24 networks, and a handful of /16s.  There is no noticeable impact
>   on the box.

Wow! That's great news! Ok, so the plan looks to be
to add the IP addresses to iptables and change the port
for sshd. Other ports are being probed and attacked,
but not as frequently and not nearly as aggressively.
I'll modify my blacklist gathering script to
automatically add the new addresses to iptables and
send me an email listing the new addresses.

Thanks everyone!

Brian
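
An added example, not part of the original message or anyone's actual script: one way the "add new blacklist addresses to iptables" step could be written so that malformed entries and already-blocked addresses are skipped. It only prints the commands (dry run). The `BLACKLIST` chain name, the one-address-per-line state file, and all function names are assumptions, and the chain is assumed to be jumped to from INPUT.

```shell
#!/bin/sh
# Added example (not from the thread): dry-run generator for iptables block rules.
CHAIN="BLACKLIST"   # assumed chain, created once with: iptables -N BLACKLIST

# Succeed if $1 is a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_ipv4() {
    case $1 in
        */*) _prefix=${1#*/}
             case $_prefix in ''|*[!0-9]*) return 1 ;; esac
             [ "${#_prefix}" -le 2 ] && [ "$_prefix" -le 32 ] || return 1 ;;
    esac
    _addr=${1%%/*}
    case $_addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    _oldifs=$IFS; IFS=.
    set -- $_addr               # split the address into octets
    IFS=$_oldifs
    [ $# -eq 4 ] || return 1
    for _o in "$@"; do
        [ "${#_o}" -le 3 ] && [ "$_o" -le 255 ] || return 1
    done
}

# Print one "iptables -A" command for each valid address in blacklist file $1
# that is not in file $2 (assumed state file: one blocked address per line).
new_block_rules() {
    _seen=$(mktemp) || return 1
    cat "$2" > "$_seen"
    while IFS= read -r _line || [ -n "$_line" ]; do
        _line=$(printf '%s' "${_line%%#*}" | tr -d ' \t\r')   # drop comments, blanks
        [ -n "$_line" ] || continue
        if ! valid_ipv4 "$_line"; then
            echo "skipping invalid entry: $_line" >&2
            continue
        fi
        grep -Fxq -- "$_line" "$_seen" && continue   # already blocked or duplicate
        echo "$_line" >> "$_seen"
        echo "iptables -A $CHAIN -s $_line -j DROP"
    done < "$1"
    rm -f "$_seen"
}

# Constructed sample input (documentation-range addresses).
demo=$(mktemp -d)
printf '%s\n' '203.0.113.7' > "$demo/blocked"
printf '%s\n' '203.0.113.7' '192.0.2.15 # ssh probes' '300.1.1.1' > "$demo/new"
new_block_rules "$demo/new" "$demo/blocked"
rm -rf "$demo"
```

The duplicate check is an exact string match, so an address that falls inside an already-blocked /24 or /16 still gets its own rule.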
