RE: [libreoffice-website] RE: Infra call on Tue, May 18 at 16:30 UTC
Hi Guilhem,
My IP lists are sourced from my pbx of malicious ip's trying to exploit the
pbx. Also have Wordfence of ip's trying to brute force my wordpress sites and
cpanel of ip's trying to brute force my server. I don’t think that such IP's
are an issue to share.
Prior to the firewall migration wouldn’t it be better to get an IDPS system in
place and move the rules over once such a system is in place such as snort?
-Original Message-
From: Guilhem Moulin
Sent: 18 May 2021 18:06
To: Jonathan Aquilina
Cc: website@global.libreoffice.org; hostmas...@documentfoundation.org
Subject: Re: [libreoffice-website] RE: Infra call on Tue, May 18 at 16:30 UTC
On Tue, 18 May 2021 at 15:25:28 +, Jonathan Aquilina wrote:
> Where would you like me to start. I have through my own infrastructure
> accumulated a very nice long list which is continuously growing. Would
> you like me to see how with nftables how to implement ipset's to block
> those malicious ip's?
It's probably best to schedule another call during the coming days or weeks.
We'd need to convert the existing shorewall-based firewall policy rules to
nftables, and come up with a smooth upgrade path.
ipset replacement is trivial ‘set NAME { type ipv[46]_addr; [timeout 10m;] }’
but that's not the focus here given we don't make use of ipsets in the first
place. Also we likely can't exchange IP lists for privacy reasons. I think
dynamic sets populated on the fly by the IDS, and automatically released after
some minutes, would be fine :-)
Cheers,
--
Guilhem.
--
To unsubscribe e-mail to: website+unsubscr...@global.libreoffice.org
Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette
List archive: https://listarchives.libreoffice.org/global/website/
Privacy Policy: https://www.documentfoundation.org/privacy
RE: [libreoffice-website] RE: Infra call on Tue, May 18 at 16:30 UTC
Hi Guilhem, I would like to push forward on this even though I am not able to attend. Where would you like me to start. I have through my own infrastructure accumulated a very nice long list which is continuously growing. Would you like me to see how with nftables how to implement ipset's to block those malicious ip's? Regards, Jonathan -Original Message- From: Guilhem Moulin Sent: 18 May 2021 17:13 To: Jonathan Aquilina ; website@global.libreoffice.org Cc: hostmas...@documentfoundation.org Subject: Re: [libreoffice-website] RE: Infra call on Tue, May 18 at 16:30 UTC Hi Jonathan, On Tue, 18 May 2021 at 14:31:26 +, Jonathan Aquilina wrote: > Can you provide me with an update as to the firewall side of things > has something been started with nftables? It hasn't, we haven't forgotten you said you wanted to help with that :-) > I am asking as I will not be able attend to todays meeting due to some > personal medical issues that I am dealing with. Oh sorry to hear that, get well and see you soon! Take care -- Guilhem. -- To unsubscribe e-mail to: website+unsubscr...@global.libreoffice.org Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/global/website/ Privacy Policy: https://www.documentfoundation.org/privacy
[libreoffice-website] RE: Infra call on Tue, May 18 at 16:30 UTC
Hi Guilhem, Can you provide me with an update as to the firewall side of things has something been started with nftables? I am asking as I will not be able attend to todays meeting due to some personal medical issues that I am dealing with. Regards, Jonathan -Original Message- From: LibreOffice On Behalf Of Guilhem Moulin Sent: 17 May 2021 00:59 To: website@global.libreoffice.org; proje...@global.libreoffice.org; libreoff...@lists.freedesktop.org Cc: hostmas...@documentfoundation.org Subject: Infra call on Tue, May 18 at 16:30 UTC Hi there, The next infra call will take place at `date -d "Tue, 18 May 2021 16:30 UTC"` (18:30 Berlin time). We'll meet at https://jitsi.documentfoundation.org/infra and write the minutes to https://pad.documentfoundation.org/p/infra . Agenda TBA. See you there! Cheers, -- Guilhem. -- To unsubscribe e-mail to: website+unsubscr...@global.libreoffice.org Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/global/website/ Privacy Policy: https://www.documentfoundation.org/privacy
Re: [libreoffice-website] RE: Infra call on Tue, May 18 at 16:30 UTC
On Tue, 18 May 2021 at 16:12:56 +, Jonathan Aquilina wrote: > Prior to the firewall migration wouldn’t it be better to get an IDPS > system in place and move the rules over once such a system is in place > such as snort? This is orthogonal, so not a blocker :-) -- Guilhem. -- To unsubscribe e-mail to: website+unsubscr...@global.libreoffice.org Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/global/website/ Privacy Policy: https://www.documentfoundation.org/privacy
Re: [libreoffice-website] RE: Infra call on Tue, May 18 at 16:30 UTC
On Tue, 18 May 2021 at 15:25:28 +, Jonathan Aquilina wrote:
> Where would you like me to start. I have through my own infrastructure
> accumulated a very nice long list which is continuously growing. Would
> you like me to see how with nftables how to implement ipset's to block
> those malicious ip's?
It's probably best to schedule another call during the coming days or
weeks. We'd need to convert the existing shorewall-based firewall
policy rules to nftables, and come up with a smooth upgrade path.
ipset replacement is trivial ‘set NAME { type ipv[46]_addr; [timeout 10m;] }’
but that's not the focus here given we don't make use of ipsets in the
first place. Also we likely can't exchange IP lists for privacy
reasons. I think dynamic sets populated on the fly by the IDS, and
automatically released after some minutes, would be fine :-)
Cheers,
--
Guilhem.
--
To unsubscribe e-mail to: website+unsubscr...@global.libreoffice.org
Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette
List archive: https://listarchives.libreoffice.org/global/website/
Privacy Policy: https://www.documentfoundation.org/privacy
Re: [libreoffice-website] RE: Infra call on Tue, May 18 at 16:30 UTC
Hi Jonathan, On Tue, 18 May 2021 at 14:31:26 +, Jonathan Aquilina wrote: > Can you provide me with an update as to the firewall side of things > has something been started with nftables? It hasn't, we haven't forgotten you said you wanted to help with that :-) > I am asking as I will not be able attend to todays meeting due to some > personal medical issues that I am dealing with. Oh sorry to hear that, get well and see you soon! Take care -- Guilhem. -- To unsubscribe e-mail to: website+unsubscr...@global.libreoffice.org Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/global/website/ Privacy Policy: https://www.documentfoundation.org/privacy
