Subj : Re: Pro-active firewall?
To   : Shurato
From : Digimaus
Date : Thu Jul 18 2024 21:16:48

-=> Shurato wrote to Nick Andre <=-

 Sh> I've just for Windows Firewall for a firewall.  It will only hold a
 Sh> total of 1000 rules, though, so I need a solution that won't require me
 Sh> to purge the list every 2-3 days.

I highly recommend looking at running pfSense as your edge firewall.  I run it
here, along with iptables and fail2ban, and while I do get script kiddies on
ports 22 and 23, I can automatically block troublesome subnets for 26 weeks (!)
using a special f2b filter (Linux only).

What you're doing is okay but you're putting a Band-Aid on a compound fracture.

pfSense is open source, based on FreeBSD, and when properly configured, damn
near bulletproof.

-- Sean

.... "I never think of the future.  It comes soon enough." - A. Einstein
--- MultiMail/Win v0.52
 * Origin: Outpost BBS * Johnson City, TN (618:618/1)

.