Simplest way to deny access to a class C
Jorge Biquez
jbiquez at intranet.com.mx
Sat Mar 5 02:07:34 UTC 2011
>
>I wonder why nobodies mentioned a quite simple method with tcpwrappers and
>hosts.allow / hosts.deny also
Hello.
I guess something simple could work.... For some reason, don ask me
why becasue I did not find why, the:
Order Deny, Allow
Deny IP
Allow all
under httpd.conf and outsite as .htaccess does not work but for now
teh thing is simple, to block a class C, those guys are stupiod and
programmed bad an application (I guess) and are pointing to one of my
domains... since 4 weeks ago I am receiving this kind of access:
189.254.19.93 - - [04/Mar/2011:19:43:48 -0600] "OPTIONS / HTTP/1.1"
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:43:48 -0600] "PROPFIND
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:43:48 -0600] "PROPFIND
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:13 -0600] "OPTIONS / HTTP/1.1"
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:13 -0600] "PROPFIND
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:13 -0600] "PROPFIND
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:19 -0600] "OPTIONS / HTTP/1.1"
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:19 -0600] "PROPFIND
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:19 -0600] "PROPFIND
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:34 -0600] "OPTIONS / HTTP/1.1"
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:34 -0600] "PROPFIND
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:34 -0600] "PROPFIND
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:45:06 -0600] "OPTIONS / HTTP/1.1"
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:45:06 -0600] "PROPFIND
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:45:06 -0600] "PROPFIND
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
They change IP's , from the same Class C. No trying to do anything
else, hack or send email....
So I decided to block the Class C. I guess that with the deny, allow
directives under Apache would be enough but they do not work. I am
under Apache 1.3x and all works fine but that directives do not. I
tried , read and not be able to make them work so that's why I
decided to block them and block others, those yes are trying to hack,
the simplest way..... anyway.... I will see if the:
>hosts.allow / hosts.deny
would help. If needed I would upgrade to latest version of FreeBSD
Apache or whatever needed. Even when they do not do anything my
server, a 386 that has been running Freebsd the last 13 years since
Freebsd 3.x is supporting this extra load and besides they are
wasting my bandwidth. I can not do anything and no problem but I'd
like to solve this and continue learning Freebsd.
Thanks for your time.
Jorge Biquez
More information about the freebsd-questions
mailing list