[prev in list] [next in list] [prev in thread] [next in thread]
List: ipchains-list
Subject: Re: [IPChains] out of this topic (VPN box)
From: Frank Stuehmer <f.stuehmer () msc-gmbh ! de>
Date: 2002-03-08 10:54:38
[Download RAW message or body]
www.freeswan.org is your friend
Frank
> Hi all,
>
> anybody know , or ever hear how to built VPN server & VPN client on linux
?
> where can i download the packet ?
>
> sorry for this out of topic question.
>
> Please pointing me.
>
> thank in advance.
>
> --anthony l--
>
> -----Original Message-----
> From: ipchains-list-request@lists.balius.com
> [mailto:ipchains-list-request@lists.balius.com]
> Sent: Monday, March 04, 2002 12:01 AM
> To: ipchains-list@lists.balius.com
> Subject: IPChains-list digest, Vol 1 #44 - 2 msgs
>
>
> Send IPChains-list mailing list submissions to
> ipchains-list@lists.balius.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.balius.com/mailman/listinfo/ipchains-list
> or, via email, send a message with subject or body 'help' to
> ipchains-list-request@lists.balius.com
>
> You can reach the person managing the list at
> ipchains-list-admin@lists.balius.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of IPChains-list digest..."
>
>
> Today's Topics:
>
> 1. Re: performance problem (John Sage)
> 2. Re: performance problem (coldbriz)
>
> --__--__--
>
> Message: 1
> Date: Sat, 02 Mar 2002 12:34:30 -0800
> From: John Sage <jsage@finchhaven.com>
> Subject: Re: [IPChains] performance problem
> To: coldbriz <coldbriz@yahoo.com>
> Cc: ipchains-list@lists.balius.com
>
> How much *actual* bandwidth are you losing to a Code Red/Nimda GET
> that results in a 404?
>
> 9000 unique IP's relative to what volume of actual, legitimate traffic
> on your server?
>
> You can't block *every* IP that probes you: that's the first attempt
> that the novice tries, but it can never work.
>
> You block 9000 this month, 9000 next month, where does it all lead?
>
> IP-based blocking will never work ultimately, there's too many rogue
> IP's out there. Do a little research and discover how many of the IP's
> you've already got are dynamic IP's from dialups, DSL, etc etc.
>
> Don't worry about it: you're immune, get over it.
>
> My $00.02
>
>
> - John
> --
> Most people don't type their own logfiles; but, what do I care?
>
>
>
> On Sun, Mar 03, 2002 at 12:32:12AM +0800, coldbriz wrote:
> > hi all,
> > wonder if anyone encounter similar scenario:
> >
> > Recently i do a grep to find out how many windows boxes out there are
> still
> > suffering from the nimda virus and causing unnecessary bandwidth usage
to
> my
> > apache linux box. i got around 9000+ unique IP address from last month
web
> > server log probing to my linux box! am thinking of blocking all these IP
> > addresses using ipchains, but after i do a test, due to the amount of
> rules,
> > the network performance suffer dramatically.
> >
> > without blocking 9000+ IP addresses, i can FTP at 10MB / s
> > with blocking 9000+ IP addresses, i get only 400KB / s
> >
> > any suggestion?
> >
> > best regards.
>
> --__--__--
>
> Message: 2
> Date: Sun, 03 Mar 2002 22:15:29 +0800
> From: coldbriz <coldbriz@yahoo.com>
> Subject: Re: [IPChains] performance problem
> To: John Sage <jsage@finchhaven.com>
> Cc: ipchains-list@lists.balius.com
>
> Thanks for the thought John, i think you are right.
>
> ----- Original Message -----
> From: "John Sage" <jsage@finchhaven.com>
> To: "coldbriz" <coldbriz@yahoo.com>
> Cc: <ipchains-list@lists.balius.com>
> Sent: Sunday, March 03, 2002 4:34 AM
> Subject: Re: [IPChains] performance problem
>
>
> > How much *actual* bandwidth are you losing to a Code Red/Nimda GET
> > that results in a 404?
> >
> > 9000 unique IP's relative to what volume of actual, legitimate traffic
> > on your server?
> >
> > You can't block *every* IP that probes you: that's the first attempt
> > that the novice tries, but it can never work.
> >
> > You block 9000 this month, 9000 next month, where does it all lead?
> >
> > IP-based blocking will never work ultimately, there's too many rogue
> > IP's out there. Do a little research and discover how many of the IP's
> > you've already got are dynamic IP's from dialups, DSL, etc etc.
> >
> > Don't worry about it: you're immune, get over it.
> >
> > My $00.02
> >
> >
> > - John
> > --
> > Most people don't type their own logfiles; but, what do I care?
> >
> >
> >
> > On Sun, Mar 03, 2002 at 12:32:12AM +0800, coldbriz wrote:
> > > hi all,
> > > wonder if anyone encounter similar scenario:
> > >
> > > Recently i do a grep to find out how many windows boxes out there are
> still
> > > suffering from the nimda virus and causing unnecessary bandwidth usage
> to my
> > > apache linux box. i got around 9000+ unique IP address from last month
> web
> > > server log probing to my linux box! am thinking of blocking all these
IP
> > > addresses using ipchains, but after i do a test, due to the amount of
> rules,
> > > the network performance suffer dramatically.
> > >
> > > without blocking 9000+ IP addresses, i can FTP at 10MB / s
> > > with blocking 9000+ IP addresses, i get only 400KB / s
> > >
> > > any suggestion?
> > >
> > > best regards.
>
>
>
> _________________________________________________________
>
> Do You Yahoo!?
>
> Get your free @yahoo.com address at http://mail.yahoo.com
>
>
>
>
>
> --__--__--
>
> _______________________________________________
> IPChains-list mailing list
> IPChains-list@lists.balius.com
> http://lists.balius.com/mailman/listinfo/ipchains-list
>
>
> End of IPChains-list Digest
> _______________________________________________
> IPChains-list mailing list
> IPChains-list@lists.balius.com
> http://lists.balius.com/mailman/listinfo/ipchains-list
>
_______________________________________________
IPChains-list mailing list
IPChains-list@lists.balius.com
http://lists.balius.com/mailman/listinfo/ipchains-list
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic