Is using a blacklist in iptables a good strategy?
netfilter at leangen.net
Tue Nov 29 09:21:15 CET 2005
I don't know why, but I'm getting a little fed up with break-in attempts
happening every single day.
Do I just have to accept this as a fact of life?
I started keeping a list of IP addresses that I'm just going to
blacklist, but this does not seem like a maintainable solution. For now,
I'm just adding lines like so:
-A INPUT -s xxx.xxx.xxx.xxx -j BLACKLIST
-A BLACKLIST -j DROP
What is common practice?
Is it possible to blacklist any packets that come from a server from a
Thanks for the advice!
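Added example, not part of the original post: one way to keep per-address rules like the two lines quoted above manageable is to generate them from a plain text list, rejecting malformed entries and merging duplicates and adjacent ranges. The list format, the function names and the sample addresses (documentation ranges) are assumptions made for this illustration.

```python
import ipaddress

# Constructed sample list, one entry per line, '#' starts a comment.
SAMPLE = """\
# ssh brute force, 2005-11-28
203.0.113.7
203.0.113.7
198.51.100.0/25
198.51.100.128/25
198.51.100.9      # already covered by the /25 above
not-an-address
192.0.2.300
"""

def parse_blacklist(text):
    """Return (networks, rejected); rejected holds (line number, entry) pairs."""
    nets, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            # strict=True also rejects entries with host bits set, e.g. 10.0.0.9/24
            nets.append(ipaddress.IPv4Network(entry, strict=True))
        except ValueError:
            rejected.append((lineno, entry))
    return nets, rejected

def render_rules(nets):
    """Emit rule lines in the same form as the post, one per merged source."""
    lines = []
    # collapse_addresses drops duplicates and merges adjacent or nested ranges
    for net in ipaddress.collapse_addresses(nets):
        src = str(net.network_address) if net.prefixlen == 32 else str(net)
        lines.append(f"-A INPUT -s {src} -j BLACKLIST")
    lines.append("-A BLACKLIST -j DROP")
    return lines

if __name__ == "__main__":
    networks, bad = parse_blacklist(SAMPLE)
    for lineno, entry in bad:
        print(f"# skipped line {lineno}: {entry!r}")
    print("\n".join(render_rules(networks)))
```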