On Friday 04 November 2005 08:29, Rakotomandimby Mihamina wrote: >> Have you considered setting up a firewall? The best thing to do with >> attackers is drop their packets. > >I dont aggree. Dorpping is not _the best_. >He has the choice to REJECT or to DROP. It's a bit different. >I'd vote for REJECTing.
Sorry, I don't agree. Rejecting the attackers packets just confirms that you are indeed there. I'd much druther just be a black hole, a bottomless bit bucket per sei. I drop them with iptables, and I have tcpwrappers and portsentry standing guard also. Only 3 instances in 3 years have made it as far as having portsentry write a new hosts.deny rule line. 2 of those got past iptabes because they came from a verizon dns server I was using but had been kitted. I send vz a nastygram, and they re-image the box till the next time. >-- >A powerfull GroupWare: CPS (http://www.cps-project.org) >A powerfull CMS : CPS (http://www.cps-project.org) >opengroupware, SPIP, Plone, PhpBB, JetSpeed... are good. >CPS is better. -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) 99.35% setiathome rank, not too shabby for a WV hillbilly Free OpenDocument reader/writer/converter download: http://www.openoffice.org Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2005 by Maurice Eugene Heskett, all rights reserved. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
