On Tuesday 04 October 2005 03:55 am, Dave Strydom wrote: > You know what would be seriously awesome, is if they have a type of RBL > listing for this kind of thing, and you could just link your iptables up to > the rbl listings. ... > I could then submit the IP address to a RBL listing site, and then all > people who plugin to the rbl listing could update their firewalls with the > latest listing.
This may not be the best solution pertaining to this particular thread, but the following site may be of use for this kind of a thing. I would recommend anyone managing a firewall to at least check it out, as it is a great resource: http://www.dshield.org/ If you wanted to perhaps ban the most popular (not to mention annoying) script kiddies (or ban and not log), you could write some form of a script that could just grab and parse one of these feeds: http://www.dshield.org/feeds_doc.php Then add some rules to your firewall, using whatever means necessary. HTH, Robert -- [email protected] mailing list
