Simplest way to deny access to a class C

Gary Gatten Ggatten at waddell.com
Sat Mar 5 02:25:36 UTC 2011


Null (bogus) route that /24 seems the most simple to me: 5 seconds and no upgrades or add ons.

----- Original Message -----
From: Jorge Biquez [mailto:jbiquez at intranet.com.mx]
Sent: Friday, March 04, 2011 08:07 PM
To: freebsd-questions at freebsd.org <freebsd-questions at freebsd.org>
Subject: Re: Simplest way to deny access to a class C


>
>I wonder why nobodies mentioned a quite simple method with tcpwrappers and
>hosts.allow / hosts.deny also

Hello.

I guess something simple could work.... For some reason, don ask me 
why becasue I did not find why, the:

Order Deny, Allow
Deny IP
Allow all

under httpd.conf and outsite as .htaccess does not work but for now 
teh thing is simple, to block a class C, those guys are stupiod and 
programmed bad an application (I guess) and are pointing to one of my 
domains... since 4 weeks ago I am receiving this kind of access:

189.254.19.93 - - [04/Mar/2011:19:43:48 -0600] "OPTIONS / HTTP/1.1" 
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:43:48 -0600] "PROPFIND 
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:43:48 -0600] "PROPFIND 
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:13 -0600] "OPTIONS / HTTP/1.1" 
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:13 -0600] "PROPFIND 
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:13 -0600] "PROPFIND 
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:19 -0600] "OPTIONS / HTTP/1.1" 
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:19 -0600] "PROPFIND 
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:19 -0600] "PROPFIND 
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:34 -0600] "OPTIONS / HTTP/1.1" 
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:34 -0600] "PROPFIND 
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:34 -0600] "PROPFIND 
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:45:06 -0600] "OPTIONS / HTTP/1.1" 
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:45:06 -0600] "PROPFIND 
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:45:06 -0600] "PROPFIND 
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"

They change IP's , from the same Class C. No trying to do anything 
else, hack or send email....
So I decided to block the Class C. I guess that with the deny, allow 
directives under Apache would be enough but they do not work. I am 
under Apache 1.3x and all works fine but that directives do not. I 
tried , read and not be able to make them work so that's why I 
decided to block them and block others, those yes are trying to hack, 
the simplest way..... anyway.... I will see if the:

>hosts.allow / hosts.deny

would help.  If needed I would upgrade to latest version of FreeBSD 
Apache or whatever needed. Even when they do not do anything my 
server, a 386 that has been running Freebsd the last 13 years since 
Freebsd 3.x is supporting this extra load and besides they are 
wasting my bandwidth. I can not do anything and no problem but I'd 
like to solve this and continue learning Freebsd.

Thanks for your time.

Jorge Biquez

_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"





<font size="1">
<div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'>
</div>
"This email is intended to be reviewed by only the intended recipient
 and may contain information that is privileged and/or confidential.
 If you are not the intended recipient, you are hereby notified that
 any review, use, dissemination, disclosure or copying of this email
 and its attachments, if any, is strictly prohibited.  If you have
 received this email in error, please immediately notify the sender by
 return email and delete this email from your system."
</font>



More information about the freebsd-questions mailing list