[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] Using DShield.org Block list (Raq 550) iptables
- Subject: [cobalt-security] Using DShield.org Block list (Raq 550) iptables
- From: "Matthew Goade" <mgoade@xxxxxxxxxx>
- Date: Thu, 22 May 2003 11:23:39 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hello,
I'm trying to use the get_block.pl script to implement the recommended block
list generated by DShield.org.
Upon executing the script I get
# ./get_block.pl
Retrieve block list...
Retrieve block list signature...
Use of uninitialized value in concatenation (.) at ./get_block.pl line 69.
Check signature...
Could not find a valid trust path to the key. Let's see whether we
can assign some missing owner trust values.
No path leading to one of our keys found.
Cleanup iptable 'blocklist'...
iptables: Chain already exists
Populate blocklist...
Apparently... done.
If I now do
#iptables -L
Chain blocklist (0 references)
target prot opt source destination
DROP all -- 218.80.60.0/24 anywhere
DROP all -- 209.225.31.0/24 anywhere
DROP all -- YahooBB219033066000.bbtec.net/24 anywhere
DROP all -- 65.242.241.0/24 anywhere
DROP all -- 192.117.116.0/24 anywhere
DROP all -- q000.spacelan.ne.jp/24 anywhere
DROP all -- 218.102.92.0/24 anywhere
DROP all -- 151.155.152.0/24 anywhere
DROP all -- 194.149.133.0/24 anywhere
DROP all -- 216.12.65.0/24 anywhere
DROP all -- 210.85.211.0/24 anywhere
DROP all -- YahooBB219174076000.bbtec.net/24 anywhere
DROP all -- 202.101.236.0/24 anywhere
DROP all -- 24.65.26.0/24 anywhere
DROP all -- 204.196.19.0/24 anywhere
DROP all -- YahooBB219002052000.bbtec.net/24 anywhere
DROP all -- c-24-118-211-0.mn.client2.attbi.com/24 anywhere
DROP all -- 218.21.140.0/24 anywhere
DROP all -- 208.163.141.0/24 anywhere
DROP all -- 216.25.171.0/24 anywhere
RETURN all -- anywhere anywhere
Good, looks like it's working. My question is, is there any further tuning I
should do to make get_block.pl complain less? Is anyone else using this? All
comments welcome!
Thank you all.