Simplest way to deny access to a class C
Jorge Biquez
jbiquez at intranet.com.mx
Fri Mar 4 02:43:14 UTC 2011
Thank you all for your time and comments.
I guess that I will install a firewall, that way I can also block
those Class C's from sending tons of emails to non existing accounts....
I will read the website to see the best options. Any suggestion is
more than welcome.
Jorge Biquez
At 06:02 p.m. 03/03/2011, you wrote:
>Be careful of automated responses. What if someone spoofs IP's of
>legit users / customers / whatever and your automated response
>blocks them? Not good.
>
>I thought about blocking....well, never mind - might pi$$ someone
>off and attract unwanted attention...
>
>-----Original Message-----
>From: owner-freebsd-questions at freebsd.org
>[mailto:owner-freebsd-questions at freebsd.org] On Behalf Of Patrick Gibson
>Sent: Thursday, March 03, 2011 5:58 PM
>To: Jorge Biquez
>Cc: freebsd-questions at freebsd.org
>Subject: Re: Simplest way to deny access to a class C
>
>You might consider mod_security (/usr/ports/www/mod_security) which
>can be set up to ban hosts based on behaviour or characteristics.
>
>Or fail2ban (/usr/ports/security/py-fail2ban) is really great, too, in
>that it scans whatever logs you want, and can trigger a block in your
>firewall if enough violating log entries are found within a particular
>period of time. Everything is totally configurable, and there are
>plenty of examples that come with it.
>
>Patrick
>
>
>On Thu, Mar 3, 2011 at 8:59 AM, Jorge Biquez <jbiquez at intranet.com.mx> wrote:
> > Hello all.
> >
> > I am sorry in advance if this question sounds too stupid.
> >
> > I have a small server for personal use of webpages running:
> >
> > 7.3-PRERELEASE FreeBSD 7.3-PRERELEASE #0
> >
> > it is working fine , no problem very stable.
> >
> > I just need to block some IP class C address that are always trying to
> > "discover" directories or applications under the web server. They do not do
> > and can not do anything since this server has nothing installed but i am
> > tired of seeing in the logs all the intents they do every 2-3 seconds.
> >
> > I have not installed any kind of firewall yet.
> > What do you think is the best way to accomplish this task? If possible the
> > easiest one. I do not want to do anything else but just bloc IP's, at this
> > moment at least.
> >
> > Thanks in advance.
> >
> > Jorge Biquez
> >
> > _______________________________________________
> > freebsd-questions at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
> >
>_______________________________________________
>freebsd-questions at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
>
>
>
>
><font size="1">
><div style='border:none;border-bottom:double windowtext
>2.25pt;padding:0in 0in 1.0pt 0in'>
></div>
>"This email is intended to be reviewed by only the intended recipient
> and may contain information that is privileged and/or confidential.
> If you are not the intended recipient, you are hereby notified that
> any review, use, dissemination, disclosure or copying of this email
> and its attachments, if any, is strictly prohibited. If you have
> received this email in error, please immediately notify the sender by
> return email and delete this email from your system."
></font>
>
>_______________________________________________
>freebsd-questions at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list