richard.welty at bankofamerica.com
Fri Nov 4 18:34:12 UTC 2005
Paul Howarth write:
>> Isn't that just putting a "bandaid" on the problem ... I mean, isn't the
>> list of ip addresses that i firewall off eventually going to be too big to
>That may depend on how many different sites attempt dictionary attacks
>on your server. I wouldn't expect it to be that large a list really,
>unless someone's particularly trying to reach *your* users.
i'd also argue that these attacks are probably being done from botted
hosts, and as such will probably be moving around. in other words,
the way you'd want to maintain the list is keeping track of the dates
when IPs were added and aging older ones off, which would help keep
the list size managable.
More information about the users