Warning – techy post
Whaaa..?
This is a technical post and there are no apologies for that.
I’ve run my own server for a while now (since 2007 to be honest) with the aim of 24/7 service to the internet. It’s a small setup, and I not only provide some tried and tested tools but also do some experimental things on here too.
Most of my dynamic insulin modelling is done here, for example.
That means I have a web address and the machine needs to be available on the web. As per many a standard security model, I have tied down exploitable routes into the server and use a firewall to enforce those rules.
Which brings me to the subject of this post: auto-configurable soft firewalls.
Using a simple script that works out who is doing what and whether they should be, I am checking blacklisted IPs against “Reported IPs Index | AbuseIPDB” so that I am learning from the rest of the internet’s experience of some individuals and their servers.
Which seems to be working reasonably well. I have a list of 50,000 people I blocked from day one and am adding to that individuals trying to come into my computer by a non-authorised route. That is saving my computer a great deal of cycle time because it isn’t waiting for a user to be failed three times any more.
On day 1, I had 20,000-odd tries a day from 100 or so hosts. It is now down to 20 tries from 5 hosts!
Because I am doing this against the audit logs, it’s also serving to protect the services, which has improved my server’s response time.
Just celebrating the small victories.
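The log-driven blocking described above, as an added example rather than the author's own script: it counts failed logins per source address in audit log lines, blocks reported addresses on first sight and others at a threshold, and never blocks allowlisted networks. Assumptions: sshd-style "Failed password" lines (constructed below), a locally stored set of reported addresses standing in for AbuseIPDB data, and a hypothetical ipset set named `blocklist`.

```python
import ipaddress
import re
from collections import Counter

# Constructed sshd-style audit log lines (documentation address ranges only).
SAMPLE_LOG = """\
Dec  5 10:00:01 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Dec  5 10:00:03 host sshd[811]: Failed password for root from 203.0.113.7 port 40124 ssh2
Dec  5 10:00:05 host sshd[811]: Failed password for root from 203.0.113.7 port 40126 ssh2
Dec  5 10:01:10 host sshd[820]: Failed password for invalid user test from 198.51.100.23 port 51000 ssh2
Dec  5 10:02:00 host sshd[830]: Failed password for alice from 192.0.2.10 port 52000 ssh2
Dec  5 10:03:00 host sshd[840]: Accepted publickey for alice from 192.0.2.10 port 52001 ssh2
Dec  5 10:04:00 host sshd[850]: Failed password for root from 999.1.1.1 port 1 ssh2
"""

FAILED = re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from (\S+) port \d+")

def decide_blocks(log_text, reported, allow_nets, threshold=3):
    """Return {ip: reason} for sources that should go on the firewall blocklist."""
    allow = [ipaddress.ip_network(n) for n in allow_nets]
    failures = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # malformed address in the log: never pass it to the firewall
        if any(ip in net for net in allow):
            continue  # never block your own admin networks, whatever the log says
        failures[str(ip)] += 1
    decisions = {}
    for ip, count in failures.items():
        if ip in reported:
            decisions[ip] = "reported"           # known-bad: block on first failure
        elif count >= threshold:
            decisions[ip] = f"{count} failures"  # local evidence alone
    return decisions

if __name__ == "__main__":
    reported = {"198.51.100.23"}  # stand-in for a downloaded AbuseIPDB blacklist
    found = decide_blocks(SAMPLE_LOG, reported, ["192.0.2.0/24"])
    for ip, why in sorted(found.items()):
        # "blocklist" is a hypothetical ipset set name; commands are printed, not run.
        print(f"ipset add blocklist {ip} -exist  # {why}")
```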
Posted: December 5th, 2018 under 42, Work.