Re: Use iptables to block all non-US ssh traffic

From: Chris Barnes (chris_at_txbarnes.com)
Date: 09/19/05

• Next message: Robert Glueck: "Am I infected with Back Orifice 2K?"
• Previous message: matt_left_coast: "Re: Use iptables to block all non-US ssh traffic"
• In reply to: matt_left_coast: "Re: Use iptables to block all non-US ssh traffic"
• Next in thread: matt_left_coast: "Re: Use iptables to block all non-US ssh traffic"
• Reply: matt_left_coast: "Re: Use iptables to block all non-US ssh traffic"
• Reply: Moe Trin: "Re: Use iptables to block all non-US ssh traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 19 Sep 2005 11:25:59 -0500

matt_left_coast <not@chance.org> wrote:
> Haven't you figured out there is no such list?

There is a HUGE world of difference between "technically no list" and
the "reality of what we need".

Frankly, I wouldn't care a wit if some of the blocked addresses are used
in the US. What matters is where *MY USERS* might be coming from. That
is a finite number and even for "world traveler physics professors", the
list isn't all that exhaustive.

cox-internet.com
verizon.net

(and these only because they are the 2 high speed internent providers in
our little town)

The rest all going to be predominately either US .edu sites, or US gov
research facilities (fermi lab, etc).

If I end up blocking some local isp in Caper, WY, that's probably a good
thing.

-- 
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Chris Barnes                              AOL IM: CNBarnes
chris@txbarnes.com                      Yahoo IM: chrisnbarnes
You always have freedom of choice, but you never have freedom of
consequence. 

---

• Next message: Robert Glueck: "Am I infected with Back Orifice 2K?"
• Previous message: matt_left_coast: "Re: Use iptables to block all non-US ssh traffic"
• In reply to: matt_left_coast: "Re: Use iptables to block all non-US ssh traffic"
• Next in thread: matt_left_coast: "Re: Use iptables to block all non-US ssh traffic"
• Reply: matt_left_coast: "Re: Use iptables to block all non-US ssh traffic"
• Reply: Moe Trin: "Re: Use iptables to block all non-US ssh traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: at first I thought this was a joke.... ... "Freedom, true freedom, is nothing more than intellectual advantage over others." ... "I didn't make reality, Sunshine, I just verbally bitch slapped you ... properly gauge the artistic worth of your own efforts." ... "Those who record history are those who control history." ... (alt.2600) Re: A Cyber-Attack on an American City ... shit to work correctly on it, or you bought shit grade, factory ... "Freedom, true freedom, is nothing more than intellectual advantage over others." ... "Don't ever fuck with someone who has more creativity than you do." ... "I didn't make reality, Sunshine, I just verbally bitch slapped you ... (alt.2600) Re: Anyone speak Klingon? ... it...most of which I still have...well the video games anyway. ... "Freedom, true freedom, is nothing more than intellectual advantage over others." ... "Don't ever fuck with someone who has more creativity than you do." ... "I didn't make reality, Sunshine, I just verbally bitch slapped you ... (alt.2600) Re: Dems may be worried ... We must be willing to pay a price for freedom. ... happen in any war thats a given.You might want to consider this.In ... The reality is Repugs are the gang who can't shoot straight. ... They use zillion dollar weapons to kill kids. ... (misc.news.internet.discuss)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.os.linux.security  > 2005-09