[wellylug] Blocking bad IPs from server

Cliff Pratt enkidu at cliffp.com
Sat Jan 27 11:06:00 NZDT 2007


John Durham wrote:

> Daniel Pittman wrote:
>>   
> At this stage I am far from compiling modules. It's not like my old Z80 
> days compiling from assembler any more. I'm not even sure of the 
> language you are talking about. What would it be? Thanks for the 
> fail2ban recommendation.
> 
[lot's snipped]

John, what ports do you have open to the Internet? If you only have 
ports 80 (http) and 443 (https) open to the Internet, then there is 
little to be gained from a blacklist. A better approach would be to 
ensure that nothing on your machine is vulnerable, and that principally 
means not opening any incoming ports and ensuring that you only have 
safe scripts. The last bit is the hardest.

Cheers,

Cliff




More information about the wellylug mailing list