Re: Question on Blocking an ISP.

From: Devdas Bhagat (devdas@dvb.homelinux.org)
Date: 12/03/02

Next message: Byrne Ghavalas: "Re: Protect folder data."

Previous message: James McGee: "Monitored.By.hAcxFtpScan"
In reply to: Chris: "Question on Blocking an ISP."
Next in thread: Neal K. Groothuis: "Re: Question on Blocking an ISP."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 3 Dec 2002 08:11:38 +0530
From: Devdas Bhagat <devdas@dvb.homelinux.org>
To: security-basics@securityfocus.com

On 30/11/02 04:21 -0500, Chris wrote:
<snip>
> I'm blocking these ips though IPchains, but i really would like to know how
> to get every class owned by aol so i can block them all.
If you run your own email servers, use access.db
@aol.com REJECT

A whois on aol.com shows 4 different netblocks.

Devdas Bhagat

Next message: Byrne Ghavalas: "Re: Protect folder data."
Previous message: James McGee: "Monitored.By.hAcxFtpScan"
In reply to: Chris: "Question on Blocking an ISP."
Next in thread: Neal K. Groothuis: "Re: Question on Blocking an ISP."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: code red attacks and real-time blackholeng
... > some time ago I asked if somebody had any idea how to real-time blackhole ... > ip-adresses to port 80 with ipchains who try to set off the code red virus ... > 1) the above port 80 blocking makes sense if tcp and udp are blocked or is tcp sufficient? ... "codered blocking" chain thussly: ...
(Incidents)
Re: O_NOBLOCK increases UDP socket latency
... exceptional circumstances (eg signals and error conditions) ... using blocking IO, into an event-driven form. ... > write on a blocking socket I may have to reconsider that position a bit. ...
(comp.programming)
Re: IPS Implementaion
... I also recommend monitoring and blocking different traffic differently. ... critical traffic on the networks with the IPS. ... At this point a small IDS staff should not turn on ... Some large organizations have formal change control procedures. ...
(Focus-IDS)
Re: IPS Testing
... Chances are the IPS is blocking your IP because of the malicious ... established TCP session I wouldn't be too concerned about an attacker ... I am doing a PT for a customer and found that after running nessus ...
(Pen-Test)
RE: NIPS Vendors explicit answer
... been pointing out that the real measure of security is how gracefully it ... an IPS correctly would already have patching fairly well in hand. ... > until the hosts are patched. ... <snip snip> ...
(Focus-IDS)