Is using a blacklist in iptables a good strategy?
netfilter at leangen.net
Wed Nov 30 15:51:58 CET 2005
> > I'm getting a little fed up with break-in attempts happening every
> > single day.
> My current way of doing this is using the ipt_recent
> so now I only block the 'strage connections' for some time...
> here's some copy/paste from my current ipt rule set
> it's a geoip patch for iptables, allows you to block entire countries,
> or you can allow connections from only certain countries.
Thanks for the great tips!
More information about the netfilter