[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] NIMDA Attacks - Anyway to deny requests?
- Subject: Re: [cobalt-users] NIMDA Attacks - Anyway to deny requests?
- From: Greg Hewitt-Long <greg@xxxxxxxxxxxxxxxxxxx>
- Date: Sat Sep 22 09:23:07 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
>----- Original Message -----
>From: "Scott F" <scott_falco@xxxxxxxxx>
>To: <cobalt-users@xxxxxxxxxxxxxxx>
>Sent: Saturday, September 22, 2001 3:54 PM
>Subject: [cobalt-users] NIMDA Attacks - Anyway to deny requests?
>
>
>>
>> It actually has worked quite well and has dropped my
>> probes/scans from this windoz worm to just around
>> 20-40 per day now (unique IP's). I have 9 machines in
>> 3 locations, and I've managed to assemble a list of
>> around 500 unique IP's off each box (of course all
>> windoz cancer infected machines) using that script, so
>> it really isn't so bad. I really don't have a problem
>> blocking infected machines hammering away at my boxes.
>> And this has pretty much become a non-issue for me
>> since I started doing so, unlike the first day when it
>> hit the wild. :-)
>>
>> -Scott
>>
>
>Question, how did you configure your machines to block the infected ip
>addresses ?
>
>I would appreciate an example as I do not know how to do it.
>
>TYA
>
>Bill
(is this a Troll??)
You don't state which RAQ you are running - for the record, answers may not match if you don't do this.
IPChains will do this. The reply to Revd Payne's post by Gerald Waugh - it explains how to install IPchains & PMfirewall on a RAQ3 or 4.
Read the prior posts and all will become clearer - good luck installing pmfirewall successfully.
Greg Hewitt-Long
--
http://www.webyourbusiness.com/
Providers of E-Commerce Software &
Web Design Consultancy and Services.
PH: (970)266-0195 FAX: (970)266-0158