On Fri April 12 2019 09:44:07 Michael Howard via trinity-users wrote: > I'm referring to 'block' lists, as provided by spamhaus.org and > dshield.org for example, which are made available to everybody and can > be downloaded as frequently as one likes/needs. Spammers have rather different characteristics than the attackers attempting to hack systems and guess passwords. > As an added barrier, I also have my own list of blocked IPs. These are > IPs which are not on the above lists that repeatedly connect, trying > different username/password combinations in succession. This list is not > permanent because as you say, they could well be infected slaves. Infected PCs attempting to guess passwords and exploit bugs number in the millions, with thousands of changes every day. What is needed is defense in depth including staying up to date on security patches, careful software configuration including firewalls, various forms of packet rate limiting, encryption, fail2ban, reverse DNS checks, SPF/DKIM, spam filters, and malware scanners. --Mike --------------------------------------------------------------------- To unsubscribe, e-mail: trinity-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxxxxxx For additional commands, e-mail: trinity-users-help@xxxxxxxxxxxxxxxxxxxxxxxxxx Read list messages on the web archive: http://trinity-users.pearsoncomputing.net/ Please remember not to top-post: http://trinity.pearsoncomputing.net/mailing_lists/#top-posting
