Re: Block IP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 8/31/06, JeeBee <JeeBee@xxxxxxxxxxxx> wrote:
I just had the same problem. I wanted to block an ip that is constantly
doing a dictionary attack on my system. This is the situation before:

/etc/hosts.allow:
  ALL : <some trusted domains here>
  sshd : ALL
/etc/hosts.deny:
  ALL : ALL

The only way I could see to add this ip address I want to block is
to change sshd:ALL in hosts.allow to sshd:ALL EXCEPT 1.2.3.4.

If I sould add sshd:1.2.3.4 to hosts.deny, this would totally be
ignored.
Perhaps it would be more neat to remove sshd:ALL from hosts.allow
and to remove ALL:ALL from hosts.deny.
Then I could say sshd:1.2.3.4 in hosts.deny.
However, what more will be allowed then? The ALL:ALL in hosts.deny
blocks a lot more of course.

Still, I have the feeling that ALL EXCEPT <long lists of untrusted ips
here> is not the way to go.
Can anybody tell me how this should be done?


Hey,

A script which automatically blocks the offending ips. Please read the
documentation for more information regarding this.

http://denyhosts.sourceforge.net/

Regards

Ankush Grover


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux