Simplest way to deny access to a class C
Patrick Gibson
gibblertron at gmail.com
Thu Mar 3 23:58:06 UTC 2011
You might consider mod_security (/usr/ports/www/mod_security) which
can be set up to ban hosts based on behaviour or characteristics.
Or fail2ban (/usr/ports/security/py-fail2ban) is really great, too, in
that it scans whatever logs you want, and can trigger a block in your
firewall if enough violating log entries are found within a particular
period of time. Everything is totally configurable, and there are
plenty of examples that come with it.
Patrick
On Thu, Mar 3, 2011 at 8:59 AM, Jorge Biquez <jbiquez at intranet.com.mx> wrote:
> Hello all.
>
> I am sorry in advance if this question sounds too stupid.
>
> I have a small server for personal use of webpages running:
>
> 7.3-PRERELEASE FreeBSD 7.3-PRERELEASE #0
>
> it is working fine , no problem very stable.
>
> I just need to block some IP class C address that are always trying to
> "discover" directories or applications under the web server. They do not do
> and can not do anything since this server has nothing installed but i am
> tired of seeing in the logs all the intents they do every 2-3 seconds.
>
> I have not installed any kind of firewall yet.
> What do you think is the best way to accomplish this task? If possible the
> easiest one. I do not want to do anything else but just bloc IP's, at this
> moment at least.
>
> Thanks in advance.
>
> Jorge Biquez
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list