On Mon, 3 Jan 2022 at 15:44, Mike Hammett <[email protected]> wrote: > > *nods* being UDP, it could be easy to spoof someone else to get them blocked. > When I automated honeypot -> ACL, I shut myself out of Google's authoritative > DNS servers, assuming because of spoofing. There could have been more than I > didn't even realize. >
What's the gain of spoofing/poisoning if you are going to do "allow lists" for all your important IPs and only block on your important ports (SIP etc) with Fail2ban? I suppose, "just because I can". > Gotta protect against that kind of stuff. _______________________________________________ VoiceOps mailing list [email protected] https://puck.nether.net/mailman/listinfo/voiceops
