[Shorewall-users] Blacklist

Cowles, Steve Steve at SteveCowles.com
Wed, 16 Oct 2002 08:18:59 -0500


> -----Original Message-----
> From: Joe Gofton 
> Sent: Wednesday, October 16, 2002 7:39 AM
> Subject: Re: [Shorewall-users] Blacklist
> 
> 
> Crap. Still getting hit.
> 
> 
> #ADDRESS/SUBNET         PROTOCOL        PORT
> #av.com crap
> 64.152.75.0/24
> #Googlebot crap
> 216.239.0.0/24
> 216.39.0.0/24
> 209.86.0.0/24
> 209.73.0.0/24
> 

Have you added the option "blacklist" to your external interface listing in
the shorewall interface file?

Also, I simply add the ip address to my blacklist file without the mask for
the code red/nimda crap. i.e.

216.39.50.98
81.6.196.75

FWIW: I have added a few network addresses to my blacklist file, but only
after quering ICANN, APNIC, etc.. for the ISP's net block range. Stupid
spammers on dialup lines.

Steve Cowles