| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Blocked IP`s |
06 Jul 15 11:07, you wrote to MATT BEDYNEK: MB>> It is like fishing. Cast a line in the water and eventually you get MB>> a bite. For these dictionaries are used to crack passwords. The only MB>> guessing is in username. Believe it or not these work quite well MB>> when the work is distribu among hundreds of compromised zombie hosts. MB>> If you can change your pop ser port it is recommended to close that MB>> hole entirely. DS> With VADV32, I've blocked all email IP's, except the incoming ones DS> from my email server. If they repeatedly try to crash the deal here, DS> it ends up in the cached IP file (which then refuses the connection DS> entirely), or I'll put it in the blocked IP address...same result. the thing i never liked about doing that is that it leaves the server to deal with the rejections instead of serving answers to requests... one can be DDoSed by simply having rafts and rats of blocked IPs hitting all at once for a sustained period... i prefer a dedicated protection system for that purpose... then there's the thing about dynamic IPs being in the block lists... most of those are from compromised machines that get cleaned up and/or get a new IP... when that happens, the old blocked IP is taking up room and shouldn't be in the list any more since it is no longer dangerous... the system i use blocks only known attacks and for a limited random time limit after which the IP is removed from the block list... as long as the attacking IP tries to connect, the blocking limit is extended... the only way out is for them to move on to another system and let the blocking period elapse... that allows them to connect normally again and if they start another attack, they are blocked again... the system works very well and i do not end up with thousands of blocked IPs to try to manage manually... my blocking system is currently managing an average of 300 blocked IPs instead of thousands upon thousands... since it is also automated, i'm not burdened with having to maintain the lists of IPs... i tried that one time before implementing my current system and found myself spending 10 - 12 hours a day doing nothing but IP management and not getting anything else done at all... )\/(ark ... We all know you're a masticator. ---* Origin: (1:3634/12.73) SEEN-BY: 203/0 633/267 280 640/384 1384 690/682 712/620 848 770/1 @PATH: 3634/12 123/500 140/1 221/0 1 203/0 640/384 712/848 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.