On Monday 10 July 2006 02:52, Toshi Esumi wrote:
Hi, I came across this thread while re-organizing my inbox. But, to block access from some certain IP address ranges, I would suggest you use "blocking route" with "route" command. Man page has a good explanation how it works with an example:
route add -net 10.0.0.0 netmask 255.0.0.0 reject
With this way, you can block access at Layer 3(IP) level without coming through TCP/IP then reaching xinetd. Just my idea. By the way, I haven't tested this command though.
This would be for outgoing routes, so you would get SYN packets coming through, but the responses would fail Much better, then, to use iptables, since this is what iptables does. For example iptables -I INPUT -s 10.0.0.0/8 -j DROP
Toshi
On Wed, 2006-06-14 at 18:38 -0500, David Rankin wrote:
Mates,
I am trying to configure hosts.deny to deny all access to APNIC IP's. I am also looking for any additional ideas that you have found that work to deny other notorious scrip kiddie addresses as well. So if you have a good hosts.deny file you wouldn't mind posting or sharing, I would welcome the help. The apnic ranges I have found so far come from: http://www.apnic.net/db/ranges.html The hosts.deny file I have put together from that looks like the following. What is everybody else doing to cut down on the annoying sshd/ftp etc.. attempts?
# /etc/hosts.deny # See 'man tcpd' and 'man 5 hosts_access' as well as /etc/hosts.allow # for a detailed description.
# Excluded APNIC Ranges ALL : 210. ALL : 211. ALL : 58. ALL : 60. ALL : 121. ALL : 122. ALL : 126. ALL : 169.208. ALL : 196.192. ALL : 202. ALL : 203. ALL : 210. ALL : 218. ALL : 220. ALL : 222.
-- David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 www.rankinlawfirm.com
-- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.394 / Virus Database: 268.8.4/363 - Release Date: 6/13/06
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com