The problem is for example, that today some kiddies ( sshd bruteforcer )
tried to brute many vservers in our company.
Normaly I would set the attackers IP at the hostsystem with iptables to
DROP, but this works only with the hostsystem and "manualy added IPs (to
vservers)".
The IP that I give as argument to newvserver disappears completly from
the hostsystem, so that I can't set DROP rules for example to this IP.
Example of a vserver:
Main IP: 192.168.0.4
Second IP: 192.168.0.5
If I set now a DROP rule, it will have only an effect on the second IP (
which I added manualy ), so the hacker can't connect to 192.168.0.5 but
to 192.168.0.4!
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
