Gentoo Archives: gentoo-security

From: Robert Larson <robert@×××××××××.com>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] [OT?] automatically firewalling off IPs
Date: Wed, 05 Oct 2005 16:52:50
Message-Id: 200510051146.17796.robert@sixthings.com
In Reply to: Re: [gentoo-security] [OT?] automatically firewalling off IPs by Dave Strydom
On Tuesday 04 October 2005 03:55 am, Dave Strydom wrote:
> You know what would be seriously awesome, is if they have a type of RBL > listing for this kind of thing, and you could just link your iptables up to > the rbl listings.
...
> I could then submit the IP address to a RBL listing site, and then all > people who plugin to the rbl listing could update their firewalls with the > latest listing.
This may not be the best solution pertaining to this particular thread, but the following site may be of use for this kind of a thing. I would recommend anyone managing a firewall to at least check it out, as it is a great resource: http://www.dshield.org/ If you wanted to perhaps ban the most popular (not to mention annoying) script kiddies (or ban and not log), you could write some form of a script that could just grab and parse one of these feeds: http://www.dshield.org/feeds_doc.php Then add some rules to your firewall, using whatever means necessary. HTH, Robert -- gentoo-security@g.o mailing list