Re: IPTABLES question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Tue, Jul 18, 2006 at 15:01:40 -0500,
  Michael Yep <[email protected]> wrote:
> I have heard of this method, but I thought it was better to stop them at
> the firewall level. right?

There isn't a lot of point to what you are doing. Generally you want
the port blocked by default and use a white list to allow connections.
Maintaining a blacklist is more work and generally doesn't gain you real
security. It might pay in some cases to slow down password guessing, but
your passwords should be chosen well enough to have even tens of thousands
of guesses not have a significant chance of success. If you have other
users you don't trust to have chosen strong enough passwords, then you
might look at rules that block repeated tries from the same IP address.

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux