On Wednesday 14 June 2006 19:38, David Rankin wrote:
Mates,
I am trying to configure hosts.deny to deny all access to APNIC IP's. I am also looking for any additional ideas that you have found that work to deny other notorious scrip kiddie addresses as well. So if you have a good hosts.deny file you wouldn't mind posting or sharing, I would welcome the help. The apnic ranges I have found so far come from: http://www.apnic.net/db/ranges.html The hosts.deny file I have put together from that looks like the following. What is everybody else doing to cut down on the annoying sshd/ftp etc.. attempts?
# /etc/hosts.deny # See 'man tcpd' and 'man 5 hosts_access' as well as /etc/hosts.allow # for a detailed description.
# Excluded APNIC Ranges ALL : 210. ALL : 211. ALL : 58. ALL : 60. ALL : 121. ALL : 122. ALL : 126. ALL : 169.208. ALL : 196.192. ALL : 202. ALL : 203. ALL : 210. ALL : 218. ALL : 220. ALL : 222.
Isn't it true that hosts.deny will only be used when someone has gotten by your firewall? Given that, what is your firewall allowing into your network? -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com