Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 3 Mar 2011 12:12:58 -0500
From:      Nathan Vidican <>
To:        Jorge Biquez <>
Subject:   Re: Simplest way to deny access to a class C
Message-ID:  <>
In-Reply-To: <>
References:  <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Since you currently have NO firewall, then I would say the simplest method
would be to turn one on, and create an open ruleset allowing all traffic,
then add a filter rule to just block out what you do not want. However,
having said this is the simplest way - it is not the best or even a really
good way. Firewall should be inclusive; designed to only allow what you DO
want and ignore/drop everything else. Please see: for
a good explanation and overview. Some firewalls can be used as modules with
the generic kernel, some will require you to compile a custom kernel - again
there are advantages/disadvantages to either approach. Personally I use IPFW
for simple stuff, and PF when it gets more complex, but that's just me.

On Thu, Mar 3, 2011 at 11:59 AM, Jorge Biquez <>wrote:

> Hello all.
> I am sorry in advance if this question sounds too stupid.
> I have a small server for personal use of webpages running:
> it is working fine , no problem very stable.
> I just need to block some IP class C address that are always trying to
> "discover" directories or applications under the web server. They do not do
> and can not do anything since this server has nothing installed but i am
> tired of seeing in the logs all the intents they do every 2-3 seconds.
> I have not installed any kind of firewall yet.
> What do you think is the best way to accomplish this task? If possible the
> easiest one. I do not want to do anything else but just bloc IP's, at this
> moment at least.
> Thanks in advance.
> Jorge Biquez
> _______________________________________________
> mailing list
> To unsubscribe, send any mail to "

Nathan Vidican
(519) 962-9987 (Canada)
(313) 586-1982 (USA)

Want to link to this message? Use this URL: <>