Would there be any reason to not just blacklist the entire Ukraine ISP letting this out? May 28 10:30:37 dns1 named[5272]: client 91.207.5.165#62989: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:30:40 dns1 named[5272]: client 91.207.5.165#33158: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:30:50 dns1 named[5272]: client 91.207.5.165#18671: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:30:52 dns1 named[5272]: client 91.207.5.165#50611: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:30:57 dns1 named[5272]: client 91.207.5.165#18670: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:30:58 dns1 named[5272]: client 91.207.5.165#31387: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:30:59 dns1 named[5272]: client 91.207.5.165#27968: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:31:04 dns1 named[5272]: client 91.207.5.165#38157: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:31:05 dns1 named[5272]: client 91.207.5.165#62625: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:31:11 dns1 named[5272]: client 91.207.5.165#44911: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:31:13 dns1 named[5272]: client 91.207.5.165#32453: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:31:13 dns1 named[5272]: client 91.207.5.165#22595: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:31:20 dns1 named[5272]: client 91.207.5.165#22881: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:31:23 dns1 named[5272]: client 91.207.5.165#16250: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:31:23 dns1 named[5272]: client 91.207.5.165#7561: query (cache) ''editdns.info/TXT/IN'' denied May 28 10:31:25 dns1 named[5272]: client 91.207.5.165#54821: query (cache) ''editdns.info/TXT/IN'' denied ------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp as they present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. http://p.sf.net/sfu/creativitycat-com
Bill.Light@kp.org escribió:> Would there be any reason to not just blacklist the entire Ukraine ISP > letting this out?Yes, blacklisting an ISP only provides a false sense of security. ------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp as they present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. http://p.sf.net/sfu/creativitycat-com _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
Cristian Rodriguez wrote:> Bill.Light@kp.org escribió: >> Would there be any reason to not just blacklist the entire Ukraine ISP >> letting this out? > > Yes, blacklisting an ISP only provides a false sense of security. >A better solution would be to use fail2ban and configure it to look for those messages. Paul ------------------------------------------------------------------------------ OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
Paul Gear wrote:> Cristian Rodriguez wrote: >> Bill.Light@kp.org escribió: >>> Would there be any reason to not just blacklist the entire Ukraine ISP >>> letting this out? >> Yes, blacklisting an ISP only provides a false sense of security. >> > > A better solution would be to use fail2ban and configure it to look for > those messages.Or ignore them -- the source IP in DNS attack packets usually belongs to the victim, not the attacker... -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get