On 12/04/2019 18:30, Mike Bird wrote:
On Fri April 12 2019 09:44:07 Michael Howard via trinity-users wrote:
I'm referring to 'block' lists, as provided by spamhaus.org and
dshield.org for example, which are made available to everybody and can
be downloaded as frequently as one likes/needs.
Spammers have rather different characteristics than the attackers
attempting to hack systems and guess passwords.
As an added barrier, I also have my own list of blocked IPs. These are
IPs which are not on the above lists that repeatedly connect, trying
different username/password combinations in succession. This list is not
permanent because as you say, they could well be infected slaves.
Infected PCs attempting to guess passwords and exploit bugs number
in the millions, with thousands of changes every day.
What is needed is defense in depth including staying up to date on
security patches, careful software configuration including firewalls,
various forms of packet rate limiting, encryption, fail2ban, reverse
DNS checks, SPF/DKIM, spam filters, and malware scanners.
Shakes head and gives up.
--
Mike Howard
---------------------------------------------------------------------
To unsubscribe, e-mail: trinity-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: trinity-users-help@xxxxxxxxxxxxxxxxxxxxxxxxxx
Read list messages on the web archive: http://trinity-users.pearsoncomputing.net/
Please remember not to top-post: http://trinity.pearsoncomputing.net/mailing_lists/#top-posting
