connlimit cred si eu ca e singura solutie
troienii pleaca de la mine cu dport 25 si nu-i intereseaza nimik ... nu tin ei cont de faptul ca a plecat sau nu mail .... din celalant punct de vedere nu vreau sa am o retea virusata , dar nici nu vreau sa ma sune cate un client din 2 in 2 zile sa se planga ca nu mai poate trimite mail datorita faptului ca ip-ul apare in XBL smtps(465) este una din cele mai bune solutii dar nu toti inteleg ca se poate folosi si ala o sa incerc sa pun de test un connlimit max 5 intr-un interval de timp scurt din cate am observat in loguri troianu cand incepe sa "lucreze" trimite cam 300 de mail-uri in mai putin de 10 secunde > connlimit ajuta? > > On Mar 2, 2009, at 2:31 PM, Bogdan Cehan wrote: > > Salutare , > > am si eu o mica problema cu cateva calculatoare care sunt > > virusate intr-o mica retea de "cartier" .... folosesc ip-uri > > private in interioriul retelei si apoi din NAT ies aproape toate > > print-un singur ip de net , problema mea este ca din 2 in 2 > > saptamani acel ip este listat in "XBL" , acum stau eu si ma > > intreb daca incerc sa limitez numarul de conexiuni smtp pe > > FORWARD rezolv cumva problema ? cu un iptables -A FORWARD -s > > 192.168.2.0/24 -p tcp --dport 25 -j LOG il gasesc pe omu` care > > este virusat dar il gasesc destul de tarziu si as vrea o alta > > solutie , iar daca se poate nu as vrea sa ma ridic la > > "standardele" RDS si sa tai de tot portul 25 de tot , mi se pare > > o chestie destul de "ciobaneasca" sa-l filtrez de tot ..... > > > > > > > > > > so .... are cineva vreo idee ? s-a mai lovit cineva de asta si a > > gasit o solutie ? > > > > > > > > Multumesc > > > > > > > > > > > > > > > > *****DISCLAIMER***** > > > > The information contained in this communication is confidential > > and may be legally privileged. It is intended solely for the use > > of the individual or entity to whom it is addressed and others > > authorized to receive it. If you are not the intended recipient > > you are hereby notified that any disclosure, copying, > > distribution or taking action in reliance of the contents of this > > information is strictly prohibited and may be unlawful. Media > > Image Group S.R.L. is neither liable for the proper, complete > > transmission of the information contained in this communication > > nor any delay in its receipt. > > > > *****END OF DISCLAIMER***** > > > > _______________________________________________ > > RLUG mailing list > > [email protected] > > http://lists.lug.ro/mailman/listinfo/rlug > > _______________________________________________ > RLUG mailing list > [email protected] > http://lists.lug.ro/mailman/listinfo/rlug *****DISCLAIMER***** The information contained in this communication is confidential and may be legally privileged. It is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking action in reliance of the contents of this information is strictly prohibited and may be unlawful. Media Image Group S.R.L. is neither liable for the proper, complete transmission of the information contained in this communication nor any delay in its receipt. *****END OF DISCLAIMER***** _______________________________________________ RLUG mailing list [email protected] http://lists.lug.ro/mailman/listinfo/rlug
