On 12/04/2019 18:30, Mike Bird wrote:
> On Fri April 12 2019 09:44:07 Michael Howard via trinity-users wrote:
>> I'm referring to 'block' lists, as provided by spamhaus.org and
>> dshield.org for example, which are made available to everybody and can
>> be downloaded as frequently as one likes/needs.
> Spammers have rather different characteristics than the attackers
> attempting to hack systems and guess passwords.
>
>> As an added barrier, I also have my own list of blocked IPs. These are
>> IPs which are not on the above lists that repeatedly connect, trying
>> different username/password combinations in succession. This list is not
>> permanent because as you say, they could well be infected� slaves.
> Infected PCs attempting to guess passwords and exploit bugs number
> in the millions, with thousands of changes every day.
>
> What is needed is defense in depth including staying up to date on
> security patches, careful software configuration including firewalls,
> various forms of packet rate limiting, encryption, fail2ban, reverse
> DNS checks, SPF/DKIM, spam filters, and malware scanners.
>
Shakes head and gives up.

-- 
Mike Howard