Whoa, sorry, just noticed that those were ipchains rules, not iptables - I
don't know anything about ipchains, so please disregard my previous e-mail.
----- Original Message -----
From: "Michael Stack" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, September 21, 2001 1:53 PM
Subject: Re: Re[2]: Massive ipchains
> Might it not make more sense to create DROP rules for those IP addresses,
> rather than DENY? My understanding of iptables rules is somewhat limited,
> but if you use DROP rules, won't that at least slow down the infected
> machine, waiting for the connection to your Linux box to time-out?
>
> [snip]
>
> > >
> > > I already have a shell script ready to go containing ~2400 lines of:
> > >
> > > /sbin/ipchains -I input -s 208.3.252.37 -j DENY
> > > /sbin/ipchains -I input -s 208.165.50.100 -j DENY
> > > /sbin/ipchains -I input -s 208.242.215.200 -j DENY
> [snip]
>
>
>
> _______________________________________________
> Seawolf-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/seawolf-list
>
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
