Hello,
Steven F Siirila wrote:
On Sun, Aug 31, 2003 at 03:49:24AM +0200, Brad Knowles wrote:
...
What's your breakdown of why those connections are blocked? How
many unique blocks are due to which blacklist? How many unique
blocks are from lack of rDNS? How many unique blocks are there by
This is some stats from our server. Some explanations before...
We accept only 8 connections a day coming from gateways with bad DNS resolution (resolve
fail or forged).
This is usually nough to accept legitimate messages coming from gateways with bad dns
resolution.
This kind of filtering is becoming less efficient than before. One year ago, it was
better, and we could usually block more connections, mainly on weekends and during the night.
The trafic level of this server is around 50000 connections a day.
These numbers concerns only connections from gateways with bad dns resolution.
Data displayed are in cumulative mode
SUMMARY | 06H 12H 18H 24H 48H |
----------------------------------------------------
CONNECT...... | 1293 2281 2947 3957 7291 | connections
ACCEPT....... | 680 1256 1762 2426 4816 | connections
REJECT....... | 613 1025 1185 1531 2475 | connections
REJECT RATIO. | 47.41 44.94 40.21 38.69 33.95 | % connections
MEAN......... | 2.4 2.5 2.4 2.4 2.4 | connections/gateway
STD DEV...... | 8.2 8.2 7.7 8.0 7.8 | connections/gateway
GATEWAYS..... | 529 909 1252 1671 3044 | Total = 3044 addresses
REJECT....... | 55 81 96 126 194 | gateways
REJECT RATIO. | 10.40 8.91 7.67 7.54 6.37 | % gateways
GATEWAYS..... | 220 396 547 729 1332 | 90 % connections
RESOLVE FAIL | 06H 12H 18H 24H 48H |
----------------------------------------------------
CONNECT...... | 1176 2094 2667 3532 6379 | connections
ACCEPT....... | 598 1116 1555 2123 4179 | connections
REJECT....... | 578 978 1112 1409 2200 | connections
REJECT RATIO. | 49.15 46.70 41.69 39.89 34.49 | % connections
MEAN......... | 2.5 2.6 2.4 2.4 2.4 | connections/gateway
STD DEV...... | 8.7 8.7 8.1 8.4 8.1 | connections/gateway
GATEWAYS..... | 464 805 1096 1460 2653 | Total = 2653 addresses
REJECT....... | 49 73 86 110 171 | gateways
REJECT RATIO. | 10.56 9.07 7.85 7.53 6.45 | % gateways
GATEWAYS..... | 220 396 547 729 1332 | 90 % connections
RESOLVE FORGED| 06H 12H 18H 24H 48H |
----------------------------------------------------
CONNECT...... | 117 187 280 425 912 | connections
ACCEPT....... | 82 140 207 303 637 | connections
REJECT....... | 35 47 73 122 275 | connections
REJECT RATIO. | 29.91 25.13 26.07 28.71 30.15 | % connections
MEAN......... | 1.8 1.8 1.8 2.0 2.3 | connections/gateway
STD DEV...... | 2.3 2.4 2.7 3.3 5.5 | connections/gateway
GATEWAYS..... | 65 104 156 211 391 | Total = 391 addresses
REJECT....... | 6 8 10 16 23 | gateways
REJECT RATIO. | 9.23 7.69 6.41 7.58 5.88 | % gateways
GATEWAYS..... | 37 52 76 104 190 | 90 % connections
--
Brad Knowles, <brad(_dot_)knowles(_at_)skynet(_dot_)be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++)
R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
--
---------------------------------------------------------------
Jose Marcio MARTINS DA CRUZ Tel. :(33) 01.40.51.93.41
Ecole des Mines de Paris http://j-chkmail.ensmp.fr
60, bd Saint Michel http://www.ensmp.fr/~martins
75272 - PARIS CEDEX 06
mailto:Jose-Marcio(_dot_)Martins(_at_)ensmp(_dot_)fr
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg