Hello Michael,

Friday, September 21, 2001, 1:53:40 PM, you wrote:

MS> Might it not make more sense to create DROP rules for those IP addresses,
MS> rather than DENY? My understanding of iptables rules is somewhat limited,
MS> but if you use DROP rules, won't that at least slow down the infected
MS> machine, waiting for the connection to your Linux box to time-out?

Yes, it probably would.  But from what I've read, you'll be keeping a
small amount of bandwidth sidelined to the waiting request.  If we
were talking just a few IPs, that wouldn't be a problem.  But with
2400 addresses, the resource consumption could prove to be too much.

The weekend's coming up.  Maybe we'll get some relief for a day or
two.

-- 
Best regards,
 Brian Curtis



_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
