Mailinglist Archive: opensuse (3470 mails)
| < Previous | Next > |
Re: [SLE] Firewall is getting hammered...help
- From: gary <gv-dated-1064860534.pfcbkchi@xxxxxxxxxxxxxxxxx>
- Date: Mon, 29 Sep 2003 13:37:41 -0500
- Message-id: <20030929183741.13939.qmail@xxxxxxxxxxxxxxxxxxxxxxxx>
On Mon, Sep 29, 2003 at 07:11:49PM +0100 or thereabouts, Stephen wrote:
> John Lamb wrote:
> >Port 135 (DPT=135) is used for M$ RPC calls and its security holes are
> >exploited by various M$ diseases (I think lovsan is one). I've a SuSE
> >box on a 16-bit network with lots of Win2k boxen on it and I get about
> >60 of these a day at the moment.
> >
>
> Your lucky, I have been getting over 10,000 a day for the last few weeks.
> >There's not much you can do other than change ISP. Eventually the
> >messages will die away.
> They do seem to be dying off, only 4,500 today so far.
from the C/L
iptables -A INPUT -s worse.IP.Addresses -d 0/0 --proto all -j DROP
set it, and forget it.
--
Gary
My husband bought me a mood ring the other day. When I'm in a good mood,
it turns green. When I'm in a bad mood, it leaves a red mark on his
forehead.
> John Lamb wrote:
> >Port 135 (DPT=135) is used for M$ RPC calls and its security holes are
> >exploited by various M$ diseases (I think lovsan is one). I've a SuSE
> >box on a 16-bit network with lots of Win2k boxen on it and I get about
> >60 of these a day at the moment.
> >
>
> Your lucky, I have been getting over 10,000 a day for the last few weeks.
> >There's not much you can do other than change ISP. Eventually the
> >messages will die away.
> They do seem to be dying off, only 4,500 today so far.
from the C/L
iptables -A INPUT -s worse.IP.Addresses -d 0/0 --proto all -j DROP
set it, and forget it.
--
Gary
My husband bought me a mood ring the other day. When I'm in a good mood,
it turns green. When I'm in a bad mood, it leaves a red mark on his
forehead.
| < Previous | Next > |