starting by iptable deny all of china is a good start. - Re: OT? Linux-based trojans now targeting WRT and other linux-based routers

kitepilot at kitepilot.com kitepilot at kitepilot.com
Mon Mar 30 08:45:11 MST 2009


Agree...
But for as long as my people doesn't have friends in Asia, I may as well 
block them all...   :)
Enrique 

 

Craig White writes: 

> On Mon, 2009-03-30 at 08:30 -0400, kitepilot at kitepilot.com wrote:
>> And how do I:
>> "starting by iptable deny all of china" ?  
>> 
>> I can figure out the "iptable" part, it is the "china" part (and other 
>> possible places where I know I will only get spam from) that I am unaware 
>> of... 
> ----
> I do not believe that this is constructive thinking. It's easy enough
> for someone in China to use a computer somewhere else as a base for
> operations and that security doesn't come from just arbitrarily picking
> ranges of ip addresses to block. Security would necessarily require
> effectiveness from virtually everywhere - possibly even your own
> 'trusted' lan. 
> 
> Spam control on the other hand doesn't rely much on iptables at all but
> rather many layers of implementation such as RBL's, greylisting
> (optional but effective), spamassassin, smtp level restrictions and
> more.  
> 
> Craig 
> 
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss


More information about the PLUG-discuss mailing list