> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Jarrod Major > Sent: Monday, April 18, 2005 12:09 PM > To: 'CLUG General' > Subject: RE: [clug-talk] How do I block/ban IPs with IPCop? > Here's some links: > > http://www.linuxjournal.com/article/6811 > http://www.portknocking.org/
I highly recommend the portknocking.org link... read it all the way through, I had some questions about some possible ways a user could circumvent this but it was addressed later in the critique section. It's a good read and this guy is on the ball. It's not the ultimate line of defence but an excellent layer of many layers. The cool aspect is that the service that you are protecting likely has its own level of security. A cracker would have to compromise all layers to get access and even then a properly hardened system would likely not net them very much. Also a diligent sysadmin would also be likely to be on top of things and be monitoring for any feasible compromises. I take back what I said earlier... I would be willing to do a presentation on this... with some help. Anyone want to team up with me? I would be looking for someone who has set this up and used it. Jarrod _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
