>> iptables -A FIREWALL -s 127.0.0.0/8 -j DROP >> > Very good. That was nearly funny :-) Why don't you add: > iptables -A FIREWALL -s 0.0.0.0/0 -j DROP and enjoy the silence :-)
Trouble is that you have to be the one that drives to the colo to eventually undo the rules :-) Speaking of fw rules, has anyone considered something to automate the SANS top 10? http://isc.sans.org/top10.html Would that be effective? Alex
