From: kaih@khms.westfalen.de (Kai Henningsen)
To: linux-kernel@vger.kernel.org
Subject: Re: Writes to mounted devices containing file-systems.
Date: 11 Aug 2001 14:28:00 +0200 [thread overview]
Message-ID: <86efRzFmw-B@khms.westfalen.de> (raw)
In-Reply-To: <Pine.GSO.4.21.0108101503250.28666-100000@weyl.math.psu.edu>
In-Reply-To: <Pine.LNX.3.95.1010810075750.10479A-100000@chaos.analogic.com> <Pine.GSO.4.21.0108101503250.28666-100000@weyl.math.psu.edu>
viro@math.psu.edu (Alexander Viro) wrote on 10.08.01 in <Pine.GSO.4.21.0108101503250.28666-100000@weyl.math.psu.edu>:
> On Fri, 10 Aug 2001, Richard B. Johnson wrote:
> > I have about 20 megabytes of logs showing the machine being
> > attacked from inside our firewall. Each time an attack occurred,
> > I would firewall-out its phony IP address (ipchains). A few hours
> > later the cycle repeated with another phony IP address.
>
> Instead of trying to see WTF was going on and fixing the problem instead
> of symptoms? _Real_ smart... Or, at least, block everything except the boxen
> that have any business accessing it? You know, with explicit "accept" rules
> in the beginning of the chain with catch-all "reject" after them...
Or at least use something like portsentry. Suspicious packets? Block
first, ask questions later.
MfG Kai
next prev parent reply other threads:[~2001-08-11 15:10 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-08-10 12:43 Writes to mounted devices containing file-systems Richard B. Johnson
2001-08-10 13:07 ` Alan Cox
2001-08-10 13:23 ` Helge Hafting
2001-08-10 13:56 ` Anton Altaparmakov
2001-08-10 14:22 ` Matt
2001-08-10 18:04 ` Steve VanDevender
2001-08-10 19:18 ` Alexander Viro
2001-08-11 12:28 ` Kai Henningsen [this message]
2001-08-10 19:21 ` H. Peter Anvin
2001-08-11 13:47 ` Adrian Bridgett
2001-08-11 19:16 ` H. Peter Anvin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86efRzFmw-B@khms.westfalen.de \
--to=kaih@khms.westfalen.de \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox