On 12/04/2019 18:30, Mike Bird wrote: > On Fri April 12 2019 09:44:07 Michael Howard via trinity-users wrote: >> I'm referring to 'block' lists, as provided by spamhaus.org and >> dshield.org for example, which are made available to everybody and can >> be downloaded as frequently as one likes/needs. > Spammers have rather different characteristics than the attackers > attempting to hack systems and guess passwords. > >> As an added barrier, I also have my own list of blocked IPs. These are >> IPs which are not on the above lists that repeatedly connect, trying >> different username/password combinations in succession. This list is not >> permanent because as you say, they could well be infected� slaves. > Infected PCs attempting to guess passwords and exploit bugs number > in the millions, with thousands of changes every day. > > What is needed is defense in depth including staying up to date on > security patches, careful software configuration including firewalls, > various forms of packet rate limiting, encryption, fail2ban, reverse > DNS checks, SPF/DKIM, spam filters, and malware scanners. > Shakes head and gives up. -- Mike Howard