starting by iptable deny all of china is a good start. - Re: OT? Linux-based trojans now targeting WRT and other linux-based routers
kitepilot at kitepilot.com
kitepilot at kitepilot.com
Mon Mar 30 09:04:32 MST 2009
Agree too...
Man, I hate intelligent people, they make me look sooo dumb! :)
Very valid point.
ET
Craig White writes:
> I'm gonna ignore most of the implications of this and just say one thing
> that you're apparently not considering...
>
> Once you implement a methodology, you then become committed to
> maintaining the implementation and ip address ranges change, people go
> to China for visiting, other people might have to troubleshoot your
> implementations, etc. I try hard not to solve symptoms by implementing
> narrowly targeted solutions but rather focus on the larger problems. I
> see a lot of smtp thuggery coming from eastern Europe and South America,
> not just China. Postfix does a really good job of bandwidth and pipeline
> limiting.
>
> Craig
>
> On Mon, 2009-03-30 at 11:45 -0400, kitepilot at kitepilot.com wrote:
>> Agree...
>> But for as long as my people doesn't have friends in Asia, I may as well
>> block them all... :)
>> Enrique
>>
>>
>>
>> Craig White writes:
>>
>> > On Mon, 2009-03-30 at 08:30 -0400, kitepilot at kitepilot.com wrote:
>> >> And how do I:
>> >> "starting by iptable deny all of china" ?
>> >>
>> >> I can figure out the "iptable" part, it is the "china" part (and other
>> >> possible places where I know I will only get spam from) that I am unaware
>> >> of...
>> > ----
>> > I do not believe that this is constructive thinking. It's easy enough
>> > for someone in China to use a computer somewhere else as a base for
>> > operations and that security doesn't come from just arbitrarily picking
>> > ranges of ip addresses to block. Security would necessarily require
>> > effectiveness from virtually everywhere - possibly even your own
>> > 'trusted' lan.
>> >
>> > Spam control on the other hand doesn't rely much on iptables at all but
>> > rather many layers of implementation such as RBL's, greylisting
>> > (optional but effective), spamassassin, smtp level restrictions and
>> > more.
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
More information about the PLUG-discuss
mailing list