Mailinglist Archive: opensuse (4343 mails)

< Previous Next >
Re: [SLE] iptables
  • From: Togan Muftuoglu <toganm@xxxxxxxxxxxx>
  • Date: Sat, 2 Nov 2002 18:48:52 +0200
  • Message-id: <20021102164851.GF13355@xxxxxxxxxxxx>
* Rikard Johnels; <rjhn@xxxxxxxx> on 02 Nov, 2002 wrote:
Hi!
Dunna if this is thr right list, but i need help blocking IP's from access to my network.
I get a few "tries" similar to:
213.66.14.220 - - [02/Nov/2002:16:46:13 +0100] "GET /scripts/root.exe?
/c+dir HTTP/1.0" 404 270
Is there a way to block them automagically, or do i have to do it "by hand"?
Use the Apache itself

SetEnvIf Request_URI "root.exe|cmd.exe|default.ida" bad-req ErrorLog /var/log/httpd/faq_error.log CustomLog /var/log/httpd/faq_acces.log combined env=!bad-req

Use it in your server conf and these things will now show in your logs


Also: I nmap my gateway:

Nmap run completed -- 1 IP address (1 host up) scanned in 1 second

I run iptables and try to block 111,139,631,1009 and 1025
iptables -A INPUT -p tcp --destination-port 111 -i eth0 -j DROP
but it is still open if i check again. Why?

Where did you ran the nmap from inside ?

--

Togan Muftuoglu
Unofficial SuSE FAQ Maintainer
http://dinamizm.ath.cx



< Previous Next >
References