Haven't gotten those packets before, however I have gotten lots of login
attempts from that widespread SSH dictionary attack.

On Mon, Oct 25, 2004 at 08:50:15PM -0700, Ralph W. Reid wrote:
> Recent comments here and elsewhere concerning degenerating network
> performance led me to take a closer look at my own system, and I
> discovered that the numerous attempts by other systems to connect on
> my ISP's network were not being blocked by my firewall, and were
> therefore reaching my system. I do not think these numerous connect
> and IP requests were doing direct harm to my system, but packets were
> getting here that had no business getting here. I added some rules to
> my firewall, and if my system's performance today (Monday) can be used
> as an example, my network stability and responsiveness have improved
> noticeably. Note that I thought I had rules at the end of my firewall
> script which I believed should have caught everything that had not
> been previously defined, but the source address 0.0.0.0 seems to have
> been slipping through anyway. Here are the rules which are now
> logging and dropping these requests. Note that if you have a similar
> amount of this kind of traffic on your network, logging all of these
> events can rack up considerable disk space usage--use these rules with
> care, and at your own risk. Note also that if your system is supposed
> to be providing bootps services, you may not want to add these rules
> to your system.
>
> iptables --append INPUT -i eth0 -s 0.0.0.0 -j LOG --log-prefix "REMOTE LOCALHOST DROP "
> iptables --append INPUT -i eth0 -s 0.0.0.0 -j DROP
>
> I hope this stuff proves useful, and have a _great_ day.
>
> --
> Ralph. N6BNO. Wisdom comes from central processing, not from I/O.
> rreid at sunset.net http://personalweb.sunset.net/~rreid
> Opinions herein are either mine or they are flame bait.
> CIRCLE AREA = _pi * r ^ 2
>
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup

--
"The answer to life, the universe, and everything is 42."
 -- Douglas Adams
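
Added example, not part of the original thread: a small Python script that tallies kernel log lines carrying the "REMOTE LOCALHOST DROP " prefix from the quoted rules, showing which protocol and ports the 0.0.0.0-sourced packets use (DHCP/bootp clients send UDP 68 to 67, which is why the bootps caveat matters) and how many bytes of log they take up. The sample log lines, hostname and addresses are constructed, and the line layout is assumed to be the usual netfilter LOG key=value output.

```python
import re
from collections import Counter

PREFIX = "REMOTE LOCALHOST DROP "  # --log-prefix used in the quoted iptables rules

# Constructed sample lines (not real captures); assumes the usual netfilter LOG layout.
SAMPLE_LOG = """\
Oct 25 20:41:03 host kernel: REMOTE LOCALHOST DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:00:5e:00:53:01:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=128 ID=0 PROTO=UDP SPT=68 DPT=67 LEN=308
Oct 25 20:41:07 host kernel: REMOTE LOCALHOST DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:00:5e:00:53:01:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=128 ID=1 PROTO=UDP SPT=68 DPT=67 LEN=308
Oct 25 20:41:09 host sshd[812]: Failed password for invalid user test from 192.0.2.7 port 40022 ssh2
Oct 25 20:41:15 host kernel: REMOTE LOCALHOST DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:00:5e:00:53:02:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=UDP SPT=68 DPT=67 LEN=556
Oct 25 20:41:20 host kernel: REMOTE LOCALHOST DROP IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:00:5e:00:53:02:08:00 SRC=0.0.0.0 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 PROTO=2
"""

FIELD = re.compile(r"(\w+)=(\S*)")

def parse_line(line):
    """Return the key=value fields of a line carrying PREFIX, else None."""
    _, found, rest = line.partition(PREFIX)
    if not found:
        return None
    fields = {}
    for key, value in FIELD.findall(rest):
        fields.setdefault(key, value)  # keep the first LEN (IP length); UDP repeats the key
    return fields

def summarize(text):
    """Count dropped packets per (PROTO, SPT, DPT) and total the bytes their log lines use."""
    flows, log_bytes = Counter(), 0
    for line in text.splitlines():
        fields = parse_line(line)
        if fields is None:
            continue  # unrelated syslog entry
        log_bytes += len(line) + 1  # +1 for the newline written to disk
        flows[(fields.get("PROTO"), fields.get("SPT"), fields.get("DPT"))] += 1
    return flows, log_bytes

def is_dhcp_client(flow):
    """True for UDP 68 -> 67, the DHCP/bootp client-to-server pattern."""
    return flow == ("UDP", "68", "67")

if __name__ == "__main__":
    flows, log_bytes = summarize(SAMPLE_LOG)
    for flow, count in flows.most_common():
        print(count, flow, "DHCP/bootp client" if is_dhcp_client(flow) else "other")
    print("log bytes used by these entries:", log_bytes)
```

Pointing summarize() at the text of the real kernel log gives the per-flow counts and the disk usage those LOG entries account for.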