Re: What to do with attackers?
On Friday 04 November 2005 08:29, Rakotomandimby Mihamina wrote:
>> Have you considered setting up a firewall? The best thing to do with
>> attackers is drop their packets.
>
>I dont aggree. Dorpping is not _the best_.
>He has the choice to REJECT or to DROP. It's a bit different.
>I'd vote for REJECTing.
Sorry, I don't agree. Rejecting the attackers packets just confirms
that you are indeed there. I'd much druther just be a black hole, a
bottomless bit bucket per sei. I drop them with iptables, and I have
tcpwrappers and portsentry standing guard also. Only 3 instances in 3
years have made it as far as having portsentry write a new hosts.deny
rule line. 2 of those got past iptabes because they came from a verizon
dns server I was using but had been kitted. I send vz a nastygram, and
they re-image the box till the next time.
>--
>A powerfull GroupWare: CPS (http://www.cps-project.org)
>A powerfull CMS : CPS (http://www.cps-project.org)
>opengroupware, SPIP, Plone, PhpBB, JetSpeed... are good.
>CPS is better.
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
99.35% setiathome rank, not too shabby for a WV hillbilly
Free OpenDocument reader/writer/converter download:
http://www.openoffice.org
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2005 by Maurice Eugene Heskett, all rights reserved.
Reply to: