[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] NIMDA Attacks - Anyway to deny requests?

Subject: Re: [cobalt-users] NIMDA Attacks - Anyway to deny requests?
From: "William Moore" <bmoore@xxxxxxxxxxxxxxxxx>
Date: Sat Sep 22 15:11:12 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

----- Original Message -----
From: "Greg Hewitt-Long" <greg@xxxxxxxxxxxxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Saturday, September 22, 2001 6:56 PM
Subject: Re: [cobalt-users] NIMDA Attacks - Anyway to deny requests?


> >----- Original Message -----
> >From: "Scott F" <scott_falco@xxxxxxxxx>
> >To: <cobalt-users@xxxxxxxxxxxxxxx>
> >Sent: Saturday, September 22, 2001 3:54 PM
> >Subject: [cobalt-users] NIMDA Attacks - Anyway to deny requests?
> >
> >
> >>
> >> It actually has worked quite well and has dropped my
> >> probes/scans from this windoz worm to just around
> >> 20-40 per day now (unique IP's). I have 9 machines in
> >> 3 locations, and I've managed to assemble a list of
> >> around 500 unique IP's off each box (of course all
> >> windoz cancer infected machines) using that script, so
> >> it really isn't so bad. I really don't have a problem
> >> blocking infected machines hammering away at my boxes.
> >> And this has pretty much become a non-issue for me
> >> since I started doing so, unlike the first day when it
> >> hit the wild. :-)
> >>
> >> -Scott
> >>
> >
> >Question,  how did you configure your machines to block the infected ip
> >addresses ?
> >
> >I would appreciate an example as I do not know how to do it.
> >
> >TYA
> >
> >Bill
>
> (is this a Troll??)
>
> You don't state which RAQ you are running - for the record, answers may
not match if you don't do this.
>
> IPChains will do this.  The reply to Revd Payne's post by Gerald Waugh -
it explains how to install IPchains & PMfirewall on a RAQ3 or 4.
>
> Read the prior posts and all will become clearer - good luck installing
pmfirewall successfully.
>
> Greg Hewitt-Long
> --

No Greg,

Not a troll just a poorly worded question on my part.  I have 6 Raq2's and 1
Raq3 in my network.  along with several RH7.1 machines i have never been
good with ipchains,  so I was hoping for a real example.  I figured I could
adapt it to all of my machines, hence the reason for not giving what type I
have.

Bill

References:
- [cobalt-users] NIMDA Attacks - Anyway to deny requests?
  - From: Scott F
- Re: [cobalt-users] NIMDA Attacks - Anyway to deny requests?
  - From: William Moore
- Re: [cobalt-users] NIMDA Attacks - Anyway to deny requests?
  - From: Greg Hewitt-Long

Prev by Date: Re: RANT! Re: [cobalt-users] URGENT: JS/Kak@M virus on list.cobalt.com !!!
Next by Date: Re: [cobalt-users] Errors on httpd log file
Previous by thread: Re: [cobalt-users] NIMDA Attacks - Anyway to deny requests?
Next by thread: [cobalt-users] NIMDA Attacks - Anyway to deny requests?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index