List Archive: gentoo-security
Headers:
To: gentoo-security@g.o
From: Ben Anderson <ben@...>
Subject: Re: If your interested
Date: Mon, 10 Oct 2005 15:20:10 +1000
It may make sense for small, limited users machines, but what about 
servers that are intentionally advertising ssh for its users globally, 
so can't use port knocking, can't block all of Korea (as some users 
definitely connect from there) and so on...

Seems to me blocking large chunks of the net because they're a pain is a 
short term solution that's going to cause long term pain for the 
internet at large if it's allowed to become standard practice...

Shouldn't this list focus on the general, base level security rather 
than specific work-arounds for these types of issues that don't apply to 
a lot of boxen?

2c out.
Ben




Dave Strydom wrote:
> I think there is an easier way of doing this...
> 
> Why not use the GEOIP IPTABLES patch and then just use this in your 
> firewall:
> 
> -----------------------------------------------------------------------------------------
> $IPTABLES -A INPUT -p tcp -m geoip --src-cc CN -j DROP
> $IPTABLES -A INPUT -p tcp -m geoip --src-cc KR -j DROP
> $IPTABLES -A INPUT -p tcp -m geoip --src-cc TW -j DROP
> $IPTABLES -A INPUT -p tcp -m geoip --src-cc HK -j DROP
> -----------------------------------------------------------------------------------------
> 
> This way you have 4 simple rules which do the work of that entire script.
> 
> 
> On 10/10/05, *Taka John Brunkhorst* <antiwmac@... 
> <mailto:antiwmac@...>> wrote:
> 
>     nice but why do we need to block them?
>     ssh worms? or just lamers?
> 
>     -- 
>     antiwmac@... <mailto:antiwmac@...>
>     Taka John Brunkhorst 
> 
> 
-- 
gentoo-security@g.o mailing list
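
The quoted rules match every TCP packet from the four countries, not only SSH. The following is an added example, not code from the thread: a dry-run generator that prints the same geoip match narrowed to new connections on the SSH port, with ACCEPT rules for known user networks placed first, which is the case Ben raises. The helper name `geoip_ssh_rules`, the `SSH_PORT` variable, port 22 and the allow-list addresses (documentation ranges) are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Prints rules for review; nothing is applied.
# Applying them needs the geoip match module discussed in the thread.
IPTABLES="${IPTABLES:-iptables}"

# geoip_ssh_rules is a hypothetical helper.
#   $1: space-separated ISO country codes to drop, e.g. "CN KR TW HK"
#   $2: space-separated IPv4 addresses/CIDRs that must stay reachable (may be empty)
geoip_ssh_rules() {
    countries=$1
    allow=$2
    port=${SSH_PORT:-22}
    cc_list=""

    # Each country code must be exactly two uppercase letters.
    for cc in $countries; do
        case $cc in
            [A-Z][A-Z]) cc_list="${cc_list:+$cc_list,}$cc" ;;
            *) echo "invalid country code: $cc" >&2; return 1 ;;
        esac
    done
    [ -n "$cc_list" ] || { echo "no country codes given" >&2; return 1; }

    # ACCEPT rules are emitted first: the first matching rule in the chain wins,
    # so listed users get through even if their address maps to a dropped country.
    for src in $allow; do
        case $src in
            *[!0-9./]*) echo "invalid source: $src" >&2; return 1 ;;
        esac
        echo "$IPTABLES -A INPUT -p tcp --dport $port -s $src -j ACCEPT"
    done

    # One rule for all countries (geoip takes a comma-separated list), limited to
    # connection attempts (--syn) on the SSH port instead of all TCP traffic.
    echo "$IPTABLES -A INPUT -p tcp --dport $port --syn -m geoip --src-cc $cc_list -j DROP"
}

# Constructed sample input: the thread's four countries plus two made-up user networks.
geoip_ssh_rules "CN KR TW HK" "198.51.100.0/24 203.0.113.7"
```

The allow list only helps users with stable addresses; for users on changing addresses inside a dropped country the trade-off Ben describes remains.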


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.
