[ale] iptables limits?

James P. Kinney III jkinney at localnetsolutions.com
Fri Jun 3 12:10:07 EDT 2005


On Fri, 2005-06-03 at 11:45 -0400, Jim Popovitch wrote:

> 
>  -blocking 3,000+ IPs from ongoing port scan attacks
>  -blocking 2,500+ IPs from http/https scripting attacks
>  -blocking 1,200+ IPs from sending viruses and/or smtp port-knocking
> 
> I suppose I could be cruel and block the common subnets, but then
> instead of restricting 7,000 IPs I could be restricting 7M.
> 
> If 50,000 iptable rules don't cause any problems then why not use them?

It's not a problem, so use 'em. It's really only small hardware (slow
cpu, limited RAM) that has "issues" with huge rule sets.

But then those devices are sold at MicroCenter for home use anyway. All
they are good for is bulk blocking everything to port ABC.
-- 
James P. Kinney III          \Changing the mobile computing world/
CEO & Director of Engineering \          one Linux user         /
Local Net Solutions,LLC        \           at a time.          /
770-493-8244                    \.___________________________./
http://www.localnetsolutions.com

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
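The per-address versus subnet trade-off raised in this thread (7,000 rules vs. sweeping up 7M addresses), as an added example that is not part of the original posts: a small Python script that generates one /32 rule per listed address in a per-category chain, then shows how many unlisted addresses a /24 collapse would also block. The block list, the `BLOCK_*` chain names and the `iptables-restore` layout are my assumptions; the script only emits text and loads nothing.

```python
"""Compare per-address vs. subnet-level blocking for an iptables block list.

Constructed sample data (not from the thread). Assumes Linux iptables-restore
syntax; the script only generates text and does not load any rules.
"""
import ipaddress
from collections import defaultdict

# Constructed block list of (address, reason) using documentation ranges,
# mirroring the three categories named in the thread.
BLOCK_LIST = [
    ("198.51.100.7", "portscan"), ("198.51.100.23", "portscan"),
    ("198.51.100.99", "portscan"), ("203.0.113.5", "http"),
    ("203.0.113.6", "http"), ("192.0.2.200", "smtp"),
]

def per_ip_rules(block_list):
    """One /32 DROP per listed address, one chain per reason, so a packet
    traverses only the chain for its category rather than the whole list."""
    chains = defaultdict(list)
    for ip, reason in block_list:
        chain = "BLOCK_" + reason.upper()   # assumed chain naming
        chains[chain].append(f"-A {chain} -s {ip}/32 -j DROP")
    return dict(chains)

def subnet_rules(block_list, prefix=24):
    """Collapse listed addresses to /prefix networks. Returns the rules and
    the number of unlisted addresses the wider match also blocks."""
    nets = {ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
            for ip, _ in block_list}
    nets = list(ipaddress.collapse_addresses(nets))
    rules = [f"-A BLOCK_NET -s {n} -j DROP" for n in nets]
    covered = sum(n.num_addresses for n in nets)
    listed = len({ip for ip, _ in block_list})
    return rules, covered - listed

def render_restore(chains):
    """Emit an iptables-restore fragment: declare each chain, jump to it
    from INPUT, then list its rules."""
    out = ["*filter"]
    out += [f":{c} - [0:0]" for c in chains]
    out += [f"-A INPUT -j {c}" for c in chains]
    for rules in chains.values():
        out += rules
    out.append("COMMIT")
    return "\n".join(out)

if __name__ == "__main__":
    chains = per_ip_rules(BLOCK_LIST)
    print(render_restore(chains))
    rules, collateral = subnet_rules(BLOCK_LIST)
    print(f"{sum(map(len, chains.values()))} per-IP rules vs {len(rules)} "
          f"/24 rules, which also block {collateral} unlisted addresses")
```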