===== alexandria =====
  * 08/19/2009 PermitRootLogin no
  * 08/21/2009 block 1/2 hour scan from 91.205.41.160
<file>
-A RH-Firewall-1-INPUT -m udp -p udp -s 91.0.0.0/8 -j LOG --log-level info --log-prefix "FIREWALL-UDP-RIPE "
-A RH-Firewall-1-INPUT -m udp -p udp -s 91.0.0.0/8 -j DROP
-A RH-Firewall-1-INPUT -m tcp -p tcp -s 91.0.0.0/8 -j LOG --log-level info --log-prefix "FIREWALL-TCP-RIPE "
-A RH-Firewall-1-INPUT -m tcp -p tcp -s 91.0.0.0/8 -j DROP
</file>

===== alexandria2 =====
===== aries =====
===== artemis =====
  * 08/26/2009 limit ssh to hephaistos with firewall

artemis kernel: ip_conntrack: table full, dropping packet
  cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
  echo 32768 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max

/etc/sysctl.conf
  ip_conntrack_max = 32768

===== athena =====
===== bacchus =====
  * 08/21/2009 block 1/2 hour scan from 91.205.41.160
<file>
-A RH-Firewall-1-INPUT -m udp -p udp -s 91.0.0.0/8 -j LOG --log-level info --log-prefix "FIREWALL-UDP-RIPE "
-A RH-Firewall-1-INPUT -m udp -p udp -s 91.0.0.0/8 -j DROP
-A RH-Firewall-1-INPUT -m tcp -p tcp -s 91.0.0.0/8 -j LOG --log-level info --log-prefix "FIREWALL-TCP-RIPE "
-A RH-Firewall-1-INPUT -m tcp -p tcp -s 91.0.0.0/8 -j DROP
</file>
  * 08/26/09 changed above to just the specific address

===== bernoulli =====
===== callisto =====
===== citation1 =====
===== courier =====
  * 08/19/2009 added campus to ssh in ip6tables
<file>
-A RH-Firewall-1-INPUT -m tcp -p tcp -s 2001:468:c80::/48 --dport 22 -j LOG --log-prefix "FIREWALL-IPV6-SSH-ACCEPT "
-A RH-Firewall-1-INPUT -m tcp -p tcp -s 2001:468:c80::/48 --dport 22 -j ACCEPT
</file>
  * 08/21/2009 block 1/2 hour scan from 91.205.41.160
<file>
-A RH-Firewall-1-INPUT -m udp -p udp -s 91.0.0.0/8 -j LOG --log-level info --log-prefix "FIREWALL-UDP-RIPE "
-A RH-Firewall-1-INPUT -m udp -p udp -s 91.0.0.0/8 -j DROP
-A RH-Firewall-1-INPUT -m tcp -p tcp -s 91.0.0.0/8 -j LOG --log-level info --log-prefix "FIREWALL-TCP-RIPE "
-A RH-Firewall-1-INPUT -m tcp -p tcp -s 91.0.0.0/8 -j DROP
</file>

forwarded email accounts:

/etc/aliases
  walters:rwalters
  advising:mkapania@vt.edu
  durham:durham@vt.edu
  brown:albrown5@vt.edu
  grossman:bgrossma@vt.edu
.forward
  ./diskhogs/lscharf/.forward  lscharf@vt.edu
  ./facultystaff1/neu/Neu/.forward  \neu, "|/usr/sbin/vacation neu"
  ./facultystaff1/jschetz/.forward  ptiger@vt.edu
  ./facultystaff1/kapania/.forward  rkapania@mail.vt.edu
  ./facultystaff1/simpson/.forward  rosimpso@vt.edu
  ./facultystaff1/grossman/.forward  bgrossma@vt.edu
  ./backup/ericjohnson/root/root/.forward  root@aoe.vt.edu
  ./misc/hokiesat/.forward  jana@vt.edu
  ./grad1/asang/.forward  asang@vt.edu
  ./facultystaff3/mccue/.forward  mccue@exchange.vt.edu
  ./facultystaff3/mason/.forward  whmason@vt.edu
  ./facultystaff3/jdurham/.forward  jdurham@exchange.vt.edu
  ./facultystaff4/gurdal/.forward  gurdal@gurdal.esm.vt.edu
  ./facultystaff4/shosder/.forward  shosder@vt.edu
  ./facultystaff4/cliff/.forward  cliff@icam.vt.edu
  ./facultystaff4/rwalters/.forward  rwalters@vt.edu
  ./facultystaff4/ltw/.forward  ltw@cayuga.cs.vt.edu
  ./facultystaff2/kashin/.forward  kashin@usit.net

===== dorcas =====
===== drotte =====
===== europa =====
===== galerkin =====
===== halley =====
===== hawker1 =====
  * 08/21/2009 block 1/2 hour scan from 91.205.41.160
<file>
-A INPUT -m udp -p udp -s 91.0.0.0/8 -j LOG --log-level info --log-prefix "FIREWALL-UDP-RIPE "
-A INPUT -m udp -p udp -s 91.0.0.0/8 -j DROP
-A INPUT -m tcp -p tcp -s 91.0.0.0/8 -j LOG --log-level info --log-prefix "FIREWALL-TCP-RIPE "
-A INPUT -m tcp -p tcp -s 91.0.0.0/8 -j DROP
</file>

===== helios =====
===== hephaistos =====
===== idesk =====
===== jeffa =====
===== jeffb =====
===== licenseserver2 =====
===== lyapunov =====
===== melnikov =====
===== orion =====
===== riccioli =====
===== sandbox =====
===== severian =====
===== tethys =====
===== titan =====
===== traininglt =====
===== tsunami =====
===== typhon =====