[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] PortSentry 2.0b1 Beta released

Subject: Re: [cobalt-security] PortSentry 2.0b1 Beta released
From: "Steve Werby" <steve-lists@xxxxxxxxxxxx>
Date: Thu, 11 Apr 2002 13:18:19 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

"Mike Vanecek" <clist.mtv@xxxxxxxxxxxx> wrote:
> I then have the choice of putting that ip address (or
> range) into a permanent ip firewall block.

Are you using IPCHAINS to block the IPs, your router or something else?  How
many IPs or subnets are you blocking at any given time and do you find that
affects performance?  My philosophy is generally to only block IPs for a
short period of time (hours or days).  I base that on my experience that
most portscans and hacking attempts are from dialup IPs or rooted machines
so the threat from those IPs after a short period of time seems to be much
less.  Any thoughts?

--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/

Follow-Ups:
- Re: [cobalt-security] PortSentry 2.0b1 Beta released
  - From: Mike Vanecek

References:
- Re: [cobalt-security] PortSentry 2.0b1 Beta released
  - From: Chris Burton
- Re: [cobalt-security] PortSentry 2.0b1 Beta released
  - From: Gerald Waugh
- Re: [cobalt-security] PortSentry 2.0b1 Beta released
  - From: Mike Vanecek

Prev by Date: Re: [cobalt-security] PortSentry 2.0b1 Beta released
Next by Date: [cobalt-security] newbie question about dhcp/bootp server..
Previous by thread: Re: [cobalt-security] PortSentry 2.0b1 Beta released
Next by thread: Re: [cobalt-security] PortSentry 2.0b1 Beta released

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index