Comment 14 for bug 944251

mark (mwcombs) wrote :

Guys,

Just block the traffic altogether. You should be doing that anyway. It's just good security practice.

On your Ubuntu, Linux, Solaris server or whatever, just blackhole all the traffic.

Example:

In Ubuntu just type the command:

sudo ip route add blackhole 91.0.0.0/8

You can verify this with the route -n command. Now start blocking tons of traffic. There are different ways to block traffic but this is my favorite. No messages are sent back such as unreachables as with reject messages. Think about it for a second. If you send a reject message such as destination unreachable then didn't I just find out that there is a live device somewhere? Who cares if the ICMP was successful or not. My whole point was network reconnaissance. So black hole all of your traffic and hide in the shadows :-)

Here in the US I block all IP subnets outside of my country such as Russia, China and so forth. If there is a specific need then you can simply unblock the traffic when desired.
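
Added example, not part of the original comment: before null-routing prefixes as large as the /8 above, it helps to merge the block list and check that no address the server itself depends on falls inside it. The function name and every address other than 91.0.0.0/8 are constructed for illustration (documentation ranges).

```python
import ipaddress

def plan_blackhole_routes(blocks, must_reach):
    """Return (commands, skipped) for a list of CIDR strings.

    blocks:     prefixes to null-route
    must_reach: addresses that must stay routable (gateway, DNS, admin host)
    """
    keep = [ipaddress.ip_address(a) for a in must_reach]
    nets = [ipaddress.ip_network(b, strict=False) for b in blocks]
    commands, skipped = [], []
    for version in (4, 6):
        same = [n for n in nets if n.version == version]
        # collapse_addresses merges overlapping and adjacent prefixes,
        # so the routing table gets the fewest entries possible.
        for net in ipaddress.collapse_addresses(same):
            hits = [str(a) for a in keep if a in net]
            if hits:
                # A blackhole route here would cut off a needed host.
                skipped.append((str(net), hits))
            else:
                commands.append(f"sudo ip route add blackhole {net}")
    return commands, skipped

# Constructed sample input.
SAMPLE_BLOCKS = [
    "91.0.0.0/8",          # the prefix from the comment
    "91.10.0.0/16",        # already covered by the /8
    "198.51.100.0/25",     # two adjacent halves of one /24
    "198.51.100.128/25",
    "203.0.113.0/24",      # contains the resolver below
]
SAMPLE_MUST_REACH = ["203.0.113.53"]  # hypothetical DNS resolver

if __name__ == "__main__":
    cmds, skipped = plan_blackhole_routes(SAMPLE_BLOCKS, SAMPLE_MUST_REACH)
    for c in cmds:
        print(c)
    for net, hits in skipped:
        print(f"# skipped {net}: contains {', '.join(hits)}")
```

The script only prints the commands; review them before running any, and keep the skipped list as the set of prefixes that need a narrower rule.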