[ubuntu-hardened] [Secure] Automate IP address banning using ipset and iptables.

Seth Arnold seth.arnold at canonical.com
Tue Nov 24 01:03:10 UTC 2015


On Sun, Nov 22, 2015 at 09:26:53PM +0100, daniel curtis wrote:
> In conclusion, can anyone confirm or deny whether such an "ipset" command
> is the right thing in my case? Are such "ipset" sets okay to
> use for IP/port scan banning? I mean the "hash:net" set.

I haven't used ipset myself, but I have the impression that either hash:net
or hash:ip would suit your needs. The hash:net setting might be better
if you're going to be blocking mostly entire netblocks; hash:ip might
be better if you're going to be blocking mostly individual addresses.

I hope this helps.

Thanks
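The hash:ip versus hash:net choice discussed in the message above, as an added example that is not part of the original message or of any poster's code: it normalises a ban list, picks the set type, and emits input for `ipset restore`. The set name `banned`, the 3600-second timeout, the sample addresses, and the stricter selection rule (hash:ip only when every entry is a single address) are assumptions made for illustration.

```python
import ipaddress

# Constructed sample ban list (RFC 5737 documentation ranges), not from the thread.
SAMPLE_BANS = [
    "192.0.2.10",
    "192.0.2.10",          # duplicate report of the same scanner
    "198.51.100.0/25",
    "198.51.100.128/25",   # adjacent to the previous block
    "203.0.113.77",
]


def normalise(entries):
    """Parse IPv4 addresses/CIDR blocks, drop duplicates, merge adjacent blocks."""
    nets = [ipaddress.IPv4Network(e.strip(), strict=False) for e in entries]
    return list(ipaddress.collapse_addresses(nets))


def choose_set_type(nets):
    """Assumed rule: hash:ip when every entry is one address, else hash:net.

    hash:net also accepts single addresses (stored with a /32 prefix), so a
    mixed list goes into one hash:net set instead of two separate sets.
    """
    return "hash:ip" if all(n.prefixlen == 32 for n in nets) else "hash:net"


def build_restore(name, entries, timeout=3600):
    """Return text that can be fed to `ipset -exist restore`."""
    nets = normalise(entries)
    set_type = choose_set_type(nets)
    lines = [f"create {name} {set_type} family inet timeout {timeout}"]
    for n in nets:
        # hash:ip members are bare addresses; hash:net members carry a prefix.
        member = str(n.network_address) if set_type == "hash:ip" else str(n)
        lines.append(f"add {name} {member}")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Load with:   python3 thisfile.py | ipset -exist restore
    # Match with:  iptables -I INPUT -m set --match-set banned src -j DROP
    print(build_restore("banned", SAMPLE_BANS), end="")
```

Merging adjacent blocks before loading keeps the set small, and the per-set timeout lets bans expire without a separate cleanup job.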

