using host.allow on dynamic addresses

Kent Stewart kstewart at owt.com
Wed Apr 30 22:00:43 PDT 2003


On Wednesday 30 April 2003 09:52 pm, Alfonso Romero wrote:
> I´ve been receiving some of this lines on my apache access log:
>
> 200.67.17.221 - - [28/Apr/2003:17:46:05 -0500] "GET
> /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
>XXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
>XXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
>XXXXXXX
> XXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858
>%ucbd3%
> u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00
>=a HTTP/1.0" 404 286 "-" "-"
>
> From what I´ve read, I can put on hosts.allow these addresses to
> avoid this type of problem, but what if some of those addresses are
> dynamic? If one user has an infected PC with a dialup access to
> Internet, and then hangs up and another user receives this same
> address, even if his PC isn´t infected, he couldn´t visit my site,
> right?

That is right. If you prevent an IP address to stop this, then a good 
user could be prevented from visiting your system. The thing to do is 
copy the message and send it to 

Si desea notificar sobre correo no solicitado o accesos no autorizados,
favor de enviar su mensaje a abuse at nic.mx

At least, that is where a lookup of 200.67.17.221  eventually leads you 
to.

Kent

-- 
Kent Stewart
Richland, WA

http://users.owt.com/kstewart/index.html



More information about the freebsd-questions mailing list