Thanks Roger. I will be trying this box to see what I can do. Otherwise, I'd probably have to find a list of all of the Rogers (The ISP providing internet to these boxes) IPs to at least limit the attacks to Rogers ISP.
hmmm.... Or maybe secure is using DNS like this: sdlfjds...@$523k4j98sd7fkjh324#@$832.dyndns.org ^^^^^^^^^^^^^^^^^^^^isn't that a security feature in itself? Thanks On Sat, Oct 2, 2010 at 4:32 PM, Roger Burton West <ro...@firedrake.org>wrote: > On Sat, Oct 02, 2010 at 04:09:33PM -0400, bruce bruce wrote: > >Can't I in my ip tables just accept the pap2t.dyndns.org if that is bind > to > >the PAP2T? do you think the devices comes in with it's external IP rather > >than the dyndns domain? > > Yes. An IP datagram carries only the source and destination IP > addresses, not the DNS names associated with them. Your firewall _may_ > be able to accept a DNS name to block or allow rather than an IP > address, but most don't, and doing so makes you vulnerable to DNS > spoofing attacks. > > To go further would be thoroughly off-topic for this list. > > Roger > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
