Thanks for the clarification. I know how to make a scripts with some tables and make it active at boot time but is there an easier way to do this since I already have firestarter and bastille? That is, can firestarter or bastille integrate 'iptables -I INPUT -s xxx.xxx.x.xxx -j DROP' etc without doing s simple shell script? Or also could be a matter of /etc/hosts.deny?
-Joe M. > >> I know I am new at this so here is my question: >> >> -I set up bastille + firestarter (2 better than one isn't it) >> - I have snort with acidlab >> -I have portsentry >> >> Acidlab reports lots of attempts through an ISP in Sweden apparently. >> >> I believe that my setup is correct and the attempts (not enough time to >> get familiar with acidlab) are useless. >> >> The ip address of these "attempts" is 80.xxx.xxx.x. Now, I was thinking >> in blocking this as follows. >> > > iptables -I INPUT -s 80.xxxx -j DROP > instead >> iptables -A INPUT -s 80.xxxx -j DROP > > >> Is this correct? can I add this rule at boot time? Is there a way to do >> it on firestarter? >> >> I don't even know if I am doing the right. >> >> Thanks, >> >> Joe M. >> >> >> -- >> To UNSUBSCRIBE, email to [EMAIL PROTECTED] >> with a subject of "unsubscribe". Trouble? Contact >> [EMAIL PROTECTED] >> >> > > > -- > Juanca > .''`. > : :' : Juan Carlos Le�n Centuri�n > `. `' Proudly running Debian GNU/Linux Sid > `- Kernel-2.6.7 > > > -- Jose Marrero <[EMAIL PROTECTED]> Key fingerprint = 1259 79C5 D922 EC07 47CC 724709C6
