Mailing List SIMS@mail.stalker.com Message #14828
From: Bill Cole <listbill@scconsult.com>
Subject: Re: Authentication Attempts
Date: Tue, 30 Nov 2004 10:30:13 -0500
To: SIMS Discussions <SIMS@mail.stalker.com>
At 7:50 AM -0700 11/30/04, Warren Michelsen  imposed structure on a
stream of electrons, yielding:
At 9:01 AM -0500 11/30/04, Bill Cole issued a series of ones and
zeros which decoded as:
At 6:26 AM -0700 11/30/04, Warren Michelsen  imposed structure on a
stream of electrons, yielding:
Is there nothing that can be done about spammer attempts to
authenticate so as to relay through my SIMS server? Nothing to temp
ban the idiot after xx failed attempts?

Do I just have to put up with it?
...
In the end, protecting your own network is something you have to do
on your own,  and that may well mean doing something like I do:
drop port 25 packets from 61/8, 210/7, 218/7, 220/7, and 222/8 at
the router level, along with a lot of smaller ranges.

I've never had a router of my own for my /28 subnet, though I have
thought about it every now and then.

The main thing I'd use it for is blocking IP ranges and individual
troublesome addresses. Might anyone recommend something affordable?

Whatever device you have between you and the wire carrying your inbound traffic IS a router, even if it isn't one capable of filtering or one that you have control of to do filtering.

Back when I handled a /27 coming in over a nailed-up analog modem and a Mac, my preferred mechanism for control was IPNetRouter, a very good 'classic' Mac program. http://www.sustworks.com/site/prod_ipr_overview.html  You can use it right on a Mac running SIMS as a filter or on any Mac sitting between the outside world and the rest of your network.

Obviously there are also a lot of simple dedicated hardware routers available these days as well, and some are reasonably capable. Sometimes they are devices disguised as wireless access points, like my Linksys WRT54G. That particular device is not a good plug & play firewall/router because of the disguise, unless you want to play with the hacks for it. Because I have DSL now and am not willing to trust my ISP with access to my network, I have a DSL router (Efficient SpeedStream 5861) where I actually do all my simple address and port filtering.


--
Bill Cole
bill@scconsult.com

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster