Actually - regarding spam and system attacks - it's not really the fact that people have open systems attacking etc. that is getting on my nerves - rather the fact that I cannot really block out spam before it gets delivered. How would you block spam coming through a system you trust, e.g. smurphy_at_linux.de? I can't really do that.
However - I do have a possibility to visualise the number of spam attempts and HTTP-System attacks on my server.
Since I use spamassassin and have my own blacklist (domains/IPs), the spam attempts have gone down. But if you check http://www.solsys.org/system.php under Mail/System attacks you'll see that, through the 5-minute average display (note: you can click on the index image for details), it's quite a lot what is happening there.
My option is to check from time to time what were the worst times where I had system attacks - then block the IP address Class-C ranges out through a DROP policy in iptables.
I'll be checking the mentioned article at http://articles.linuxguru.net/view/125
Maybe I'll have a better protection by then.
Does anyone have another hint on how to proactively prevent spam? Or good links to HOWTOs for including one of the distributed blacklists in one's own mail daemon?
Thx & Cheers
Joerg
Dave Laird wrote:
Good evening, Pierre...
On Friday 14 March 2003 06:04 pm, Pierre Fortin wrote:
Got a pointer to the "strings' stuff...? I'm running 8.2 on my main server (9.0 issues)...
http://articles.linuxguru.net/view/125
It would seem, based upon my reading the page, that most of us will have to
patch our kernels before this will work, so being somewhat idle, I promptly
downloaded the patch and applied it to the RedHat kernel running on one of
my "spare" boxes, rebooted and tested it. Heck, it works. However, I should
say that it slowed things down quite a bit, running only 64M of memory. I
don't have anything scientific to prove that, just the observation. However,
within five minutes, it did capture and DROP a set of packets. I was
impressed.
What have you tried in this matter? Feel free to take this thread offline -- we can summarize back...
There it is. I'm going to experiment some more with this with a box and see
if there are any additional drawbacks to using an iptables filter to trap
Code Red. Then I'll summarize back here what I find. I'm still somewhat
surprised how easily it all flew together, and it works! 8-)
Dave
-- Dave Laird ([EMAIL PROTECTED])
The Used Kharma Lot / The Phoenix Project Web Page: http://www.kharma.net updated 03/05/2003
Usenet News server: news.kharma.net
Musicians Calendar and Database access: http://www.kharma.net/calendar.html
An automatic & random thought For the Minute: A couch is as good as a chair.
------------------------------------------------------------------------
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
--
------------------------------------------------------------------------
| Joerg Mertin              : [EMAIL PROTECTED] (Home)
| in Neuchâtel/Schweiz      : [EMAIL PROTECTED] (Work)
| Stardust's LiNUX System   :
| PGP 2.6.3in Key on Demand : Voice & Fax: +41(0)32 / 725 52 54
------------------------------------------------------------------------
Home-Page: http://www.solsys.org
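
Added example, not part of the original thread: one way to do the periodic review described in the first message, i.e. find which Class-C (/24) ranges sent the most probes and generate iptables DROP rules for them. The log lines, the threshold, the allow list and the function names are assumptions made for this illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed access-log lines using documentation address ranges, not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [14/Mar/2003:18:04:11 +0100] "GET /default.ida?NNNNNNNN HTTP/1.0" 404 284
198.51.100.93 - - [14/Mar/2003:18:04:15 +0100] "GET /default.ida?NNNNNNNN HTTP/1.0" 404 284
198.51.100.7 - - [14/Mar/2003:18:09:40 +0100] "GET /default.ida?NNNNNNNN HTTP/1.0" 404 284
203.0.113.20 - - [14/Mar/2003:18:10:02 +0100] "GET /default.ida?NNNNNNNN HTTP/1.0" 404 284
192.0.2.44 - - [14/Mar/2003:18:11:30 +0100] "GET /index.html HTTP/1.1" 200 5120
not-an-ip - - [14/Mar/2003:18:12:00 +0100] "GET /default.ida?NNNN HTTP/1.0" 404 284
"""

# Assumption: a probe is recognised by its request path (Code Red asks for /default.ida).
PROBE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "GET /default\.ida\?')


def probes_per_class_c(log_text):
    """Count probe requests per /24, the "Class-C range" of the post."""
    hits = Counter()
    for line in log_text.splitlines():
        m = PROBE.match(line)
        if not m:
            continue
        try:
            addr = ipaddress.IPv4Address(m.group(1))
        except ipaddress.AddressValueError:
            continue  # hostname or garbage in the client field
        hits[ipaddress.ip_network(f"{addr}/24", strict=False)] += 1
    return hits


def drop_rules(hits, threshold=3, allow=()):
    """Return iptables commands for ranges at or above threshold.

    Ranges overlapping an allow-listed network (e.g. a trusted relay) are
    skipped, because a /24 block also drops every innocent host in it.
    """
    allowed = [ipaddress.ip_network(a) for a in allow]
    rules = []
    for net, count in sorted(hits.items()):
        if count < threshold or any(net.overlaps(a) for a in allowed):
            continue
        rules.append(f"iptables -A INPUT -s {net} -j DROP")
    return rules


if __name__ == "__main__":
    print("\n".join(drop_rules(probes_per_class_c(SAMPLE_LOG))))
```

The rules are only printed, so they can be reviewed before anything is applied to the firewall.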
