starting by iptable deny all of china is a good start. - Re: OT? Linux-based trojans now targeting WRT and other linux-based routers
Craig White
craigwhite at azapple.com
Mon Mar 30 08:38:56 MST 2009
On Mon, 2009-03-30 at 08:30 -0400, kitepilot at kitepilot.com wrote:
> And how do I:
> "starting by iptable deny all of china" ?
>
> I can figure out the "iptable" part, it is the "china" part (and other
> possible places where I know I will only get spam from) that I am unaware
> of...
----
I do not believe that this is constructive thinking. It's easy enough
for someone in China to use a computer somewhere else as a base for
operations and that security doesn't come from just arbitrarily picking
ranges of ip addresses to block. Security would necessarily require
effectiveness from virtually everywhere - possibly even your own
'trusted' lan.
Spam control on the other hand doesn't rely much on iptables at all but
rather many layers of implementation such as RBL's, greylisting
(optional but effective), spamassassin, smtp level restrictions and
more.
Craig
More information about the PLUG-discuss
mailing list