* Rikard Johnels;
Hi! Dunna if this is thr right list, but i need help blocking IP's from access to my network. I get a few "tries" similar to: 213.66.14.220 - - [02/Nov/2002:16:46:13 +0100] "GET /scripts/root.exe? /c+dir HTTP/1.0" 404 270 Is there a way to block them automagically, or do i have to do it "by hand"? Use the Apache itself
SetEnvIf Request_URI "root.exe|cmd.exe|default.ida" bad-req ErrorLog /var/log/httpd/faq_error.log CustomLog /var/log/httpd/faq_acces.log combined env=!bad-req Use it in your server conf and these things will now show in your logs
Also: I nmap my gateway:
Nmap run completed -- 1 IP address (1 host up) scanned in 1 second
I run iptables and try to block 111,139,631,1009 and 1025 iptables -A INPUT -p tcp --destination-port 111 -i eth0 -j DROP but it is still open if i check again. Why?
Where did you ran the nmap from inside ? -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx