IPTABLES question

Bruno Wolff III bruno at wolff.to
Wed Jul 19 11:12:50 UTC 2006


On Tue, Jul 18, 2006 at 15:01:40 -0500,
  Michael Yep <myep at remotelink.com> wrote:
> I have heard of this method, but I thought it was better to stop them at
> the firewall level. Right?

There isn't a lot of point to what you are doing. Generally you want
the port blocked by default and use a white list to allow connections.
Maintaining a blacklist is more work and generally doesn't gain you real
security. It might pay in some cases to slow down password guessing, but
your passwords should be chosen well enough to have even tens of thousands
of guesses not have a significant chance of success. If you have other
users you don't trust to have chosen strong enough passwords, then you
might look at rules that block repeated tries from the same IP address.
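The two approaches Bruno contrasts (a default-deny port with a whitelist, and per-source rate limiting for untrusted users), as an added example that is not part of the original thread. The functions print iptables commands for review instead of applying them; the port, the CIDRs and the thresholds are constructed values, and the chain/table names assume the iptables-legacy INPUT chain.

```shell
#!/bin/sh
# Emit a default-deny ruleset for one TCP port that only admits listed
# source networks. Usage: whitelist_rules PORT CIDR [CIDR...]
whitelist_rules() {
    port="$1"; shift
    echo "iptables -P INPUT DROP"
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for cidr in "$@"; do
        echo "iptables -A INPUT -p tcp --dport $port -s $cidr -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Everything else hits the DROP policy; log it at a bounded rate so
    # guessing attempts show up in syslog without flooding it.
    echo "iptables -A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -m limit --limit 5/min -j LOG --log-prefix \"port$port-reject: \""
}

# Emit rules that accept the port from anywhere but drop a source that
# opens more than HITS new connections within SECONDS, using the
# "recent" match. Usage: ratelimit_rules PORT HITS SECONDS
ratelimit_rules() {
    port="$1"; hits="$2"; secs="$3"
    # First rule records the source address and falls through (no -j).
    echo "iptables -A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -m recent --name guess$port --set"
    # Second rule drops once the address has HITS entries in SECONDS.
    echo "iptables -A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -m recent --name guess$port --update --seconds $secs --hitcount $hits -j DROP"
    echo "iptables -A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
}

# Example (constructed networks): review, then pipe to "sh" as root to apply.
#   whitelist_rules 22 192.0.2.0/24 198.51.100.7
#   ratelimit_rules 22 5 60
```

The rate-limit variant counts the connection that triggers the `--set` rule, so `--hitcount 5` drops the fifth new connection from one address inside the window.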
