From owner-freebsd-questions@FreeBSD.ORG Fri Mar 4 00:02:43 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4F0911065670 for ; Fri, 4 Mar 2011 00:02:43 +0000 (UTC) (envelope-from Ggatten@waddell.com) Received: from mailhost1.waddell.com (mailhost1.waddell.com [67.130.252.46]) by mx1.freebsd.org (Postfix) with ESMTP id 180158FC0C for ; Fri, 4 Mar 2011 00:02:43 +0000 (UTC) Received: from emlpfilt2.waddell.com (mailhost2.waddell.com [10.1.10.30]) by mailhost1.waddell.com (Postfix) with ESMTP id BAACF50D87; Thu, 3 Mar 2011 18:02:42 -0600 (CST) Received: from emlpfilt2.waddell.com (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id AD3B25788F4; Thu, 3 Mar 2011 18:02:42 -0600 (CST) Received: from WADPHTCAS0.waddell.com (wadphtcas0.waddell.com [192.168.203.229]) by emlpfilt2.waddell.com (Postfix) with ESMTP id 5EBB62F8003; Thu, 3 Mar 2011 18:02:42 -0600 (CST) Received: from WADPMBXV0.waddell.com ([169.254.1.145]) by WADPHTCAS0.waddell.com ([192.168.203.229]) with mapi; Thu, 3 Mar 2011 18:02:41 -0600 From: Gary Gatten To: 'Patrick Gibson' , Jorge Biquez Date: Thu, 3 Mar 2011 18:02:41 -0600 Thread-Topic: Simplest way to deny access to a class C Thread-Index: AcvZ/uh7YvO83hW5TwiOEUt1bAhy1gAAFFgQ Message-ID: <11805_1299196962_4D702C22_11805_70_1_D9B37353831173459FDAA836D3B43499BD354A48@WADPMBXV0.waddell.com> References: <3382016411-764985335@intranet.com.mx> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: "freebsd-questions@freebsd.org" Subject: RE: Simplest way to deny access to a class C X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Mar 2011 00:02:43 -0000 Be careful of automated responses. What if someone spoofs IP's of legit us= ers / customers / whatever and your automated response blocks them? Not go= od. I thought about blocking....well, never mind - might pi$$ someone off and a= ttract unwanted attention... -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@f= reebsd.org] On Behalf Of Patrick Gibson Sent: Thursday, March 03, 2011 5:58 PM To: Jorge Biquez Cc: freebsd-questions@freebsd.org Subject: Re: Simplest way to deny access to a class C You might consider mod_security (/usr/ports/www/mod_security) which can be set up to ban hosts based on behaviour or characteristics. Or fail2ban (/usr/ports/security/py-fail2ban) is really great, too, in that it scans whatever logs you want, and can trigger a block in your firewall if enough violating log entries are found within a particular period of time. Everything is totally configurable, and there are plenty of examples that come with it. Patrick On Thu, Mar 3, 2011 at 8:59 AM, Jorge Biquez wrot= e: > Hello all. > > I am sorry in advance if this question sounds too stupid. > > I have a small server for personal use of webpages running: > > 7.3-PRERELEASE FreeBSD 7.3-PRERELEASE #0 > > it is working fine , no problem very stable. > > I just need to block some IP class C address that are always trying to > "discover" directories or applications under the web server. They do not = do > and can not do anything since this server has nothing installed but i am > tired of seeing in the logs all the intents they do every 2-3 seconds. > > I have not installed any kind of firewall yet. > What do you think is the best way to accomplish this task? If possible the > easiest one. I do not want to do anything else but just bloc IP's, at this > moment at least. > > Thanks in advance. > > Jorge Biquez > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" > _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
"This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system."