1 |
On Tuesday 04 October 2005 03:55 am, Dave Strydom wrote: |
2 |
> You know what would be seriously awesome, is if they have a type of RBL |
3 |
> listing for this kind of thing, and you could just link your iptables up to |
4 |
> the rbl listings. |
5 |
... |
6 |
> I could then submit the IP address to a RBL listing site, and then all |
7 |
> people who plugin to the rbl listing could update their firewalls with the |
8 |
> latest listing. |
9 |
|
10 |
This may not be the best solution pertaining to this particular thread, but |
11 |
the following site may be of use for this kind of a thing. I would recommend |
12 |
anyone managing a firewall to at least check it out, as it is a great |
13 |
resource: |
14 |
http://www.dshield.org/ |
15 |
|
16 |
If you wanted to perhaps ban the most popular (not to mention annoying) script |
17 |
kiddies (or ban and not log), you could write some form of a script that |
18 |
could just grab and parse one of these feeds: |
19 |
http://www.dshield.org/feeds_doc.php |
20 |
|
21 |
Then add some rules to your firewall, using whatever means necessary. |
22 |
|
23 |
HTH, |
24 |
|
25 |
Robert |
26 |
|
27 |
|
28 |
-- |
29 |
gentoo-security@g.o mailing list |