On Wed, 2003-10-15 at 15:50, lrnobs wrote:
> If I put all these foreign countries addresses in iptables rules would there
> be a big performance hit?
>
> Is there a different way to do it?
Follow Michael's suggestions. Patch, patch, patch. Only run those services which are vitally necessary, and run tcp wrappers where feasible. Your idea would all be for naught, considering how easy it is for intruders to spoof.
Never mind the fact that crackers and script-kiddies will undoubtedly get illicit access to thousands of machines in the St. Louis area and within 300 miles of you, at which point they can attack you from close by. Geographic boundaries are not all that useful for what you want; just chalk it off as a good idea that is not realistic.
-- Rodolfo J. Paiz [EMAIL PROTECTED]
-- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
