On 18/01/2016, Dave Täht <d...@taht.net> wrote: > One of my issues with blindly applying techniques to block certain IPs > is trusting the sources of the data - many people have ended up on a > blocklist that shouldn't have. > > That said, ipset is so effective and so scalable, that perhaps deploying > this by default > > http://www.linuxjournal.com/content/server-hardening?page=0,1 > > would be a good idea. > > Are there any more ipv6 specific blocklists out there?
Note the RBN list it links to says it's obsolete for 2 years. (Other Emerging Threat lists are available, as transparent aggregation of a very small number of trusted sources. Still useful but rather less ambitious. Unfortunately the documentation still describes the obsolete lists. Maybe somewhere else is more active). It sounds like one needs a list to stay up to date on which blocklists to use :). Alan _______________________________________________ Cerowrt-devel mailing list Cerowrt-devel@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/cerowrt-devel
