Re: SSH IP BlockingFrom: James Riden (email@example.com)
- Next message: TC: "Re: Iptables state"
- Previous message: Iain Brown: "Re: rename root account"
- In reply to: Tim Haynes: "Re: SSH IP Blocking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: James Riden <firstname.lastname@example.org> Date: 18 Apr 2002 17:04:42 +0100
Tim Haynes <email@example.com> writes:
> You're going to get *FAR* more one-port single-SYN scans, or occasional
> SYN+FIN scans, and never hear from the IP# again. Unless you *really* know
> better, I suggest you're going to waste your firewall rules on folks who're
> never coming back - do let me know if you get anything like >1% repeat
> offenders, right?
If you don't mind blocks instead of individual IPs, t-online and
wanadoo are far above 1%.
-- James Riden / firstname.lastname@example.org My opinions are my own, not the University's. "When in Rome; burn it." -- GCU Arbitrary