I have installed voipbl.org blacklist on two servers running 13 and 14 respectively. I get 100% cpu utilization on both and then they crash and restart. I can’t find any blogs on this and was wondering if anyone else was having this issue. It does load up a lot of IP’s into fail2ban and so that may be where the system breaks down. Anyone’s experience would be appreciated.
You would have to be specific as to how you try import voipbl.org list into your iptables setup, it is way too big for native iptables so you will need to use ipset and even then you will need to increase the hashsize as it is currently about 91k in size ( > 64k)
IMO blacklists of any kind are a waste of time. They provide very little security (any serious attacker will use a non-blacklisted IP address) and often cause problems, e.g. when a traveling user is unable to connect and doesn’t know why.
If you don’t need connections from ‘anywhere’, use a whitelist (only authorized IP addresses can connect). Otherwise, consider one of the following:
- Allow connection to your ‘secret’ domain name (not very secure, but more effective than a blacklist).
- Allow connection from an authorized dynamic DNS name.
- Allow connection via TLS, possibly requiring a client certificate.
- Allow connection via a VPN.
Thank you both for your insights!
This topic was automatically closed 31 hours after the last reply. New replies are no longer allowed.