Date: Thu, 03 Mar 2011 20:43:56 -0600 From: Jorge Biquez <jbiquez@intranet.com.mx> To: freebsd-questions@freebsd.org Subject: RE: Simplest way to deny access to a class C Message-ID: <3382051429-764985639@intranet.com.mx> In-Reply-To: <11805_1299196962_4D702C22_11805_70_1_D9B37353831173459FDAA 836D3B43499BD354A48@WADPMBXV0.waddell.com> References: <3382016411-764985335@intranet.com.mx> <AANLkTi=Fb_CiA76g79ZkP8o_yWsQcN6iuPD7w=dBxztQ@mail.gmail.com> <11805_1299196962_4D702C22_11805_70_1_D9B37353831173459FDAA836D3B43499BD354A48@WADPMBXV0.waddell.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thank you all for your time and comments. I guess that I will install a firewall, that way I can also block those Class C's from sending tons of emails to non existing accounts.... I will read the website to see the best options. Any suggestion is more than welcome. Jorge Biquez At 06:02 p.m. 03/03/2011, you wrote: >Be careful of automated responses. What if someone spoofs IP's of >legit users / customers / whatever and your automated response >blocks them? Not good. > >I thought about blocking....well, never mind - might pi$$ someone >off and attract unwanted attention... > >-----Original Message----- >From: owner-freebsd-questions@freebsd.org >[mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Patrick Gibson >Sent: Thursday, March 03, 2011 5:58 PM >To: Jorge Biquez >Cc: freebsd-questions@freebsd.org >Subject: Re: Simplest way to deny access to a class C > >You might consider mod_security (/usr/ports/www/mod_security) which >can be set up to ban hosts based on behaviour or characteristics. > >Or fail2ban (/usr/ports/security/py-fail2ban) is really great, too, in >that it scans whatever logs you want, and can trigger a block in your >firewall if enough violating log entries are found within a particular >period of time. Everything is totally configurable, and there are >plenty of examples that come with it. > >Patrick > > >On Thu, Mar 3, 2011 at 8:59 AM, Jorge Biquez <jbiquez@intranet.com.mx> wrote: > > Hello all. > > > > I am sorry in advance if this question sounds too stupid. > > > > I have a small server for personal use of webpages running: > > > > 7.3-PRERELEASE FreeBSD 7.3-PRERELEASE #0 > > > > it is working fine , no problem very stable. > > > > I just need to block some IP class C address that are always trying to > > "discover" directories or applications under the web server. They do not do > > and can not do anything since this server has nothing installed but i am > > tired of seeing in the logs all the intents they do every 2-3 seconds. > > > > I have not installed any kind of firewall yet. > > What do you think is the best way to accomplish this task? If possible the > > easiest one. I do not want to do anything else but just bloc IP's, at this > > moment at least. > > > > Thanks in advance. > > > > Jorge Biquez > > > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > > >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > > > > > ><font size="1"> ><div style='border:none;border-bottom:double windowtext >2.25pt;padding:0in 0in 1.0pt 0in'> ></div> >"This email is intended to be reviewed by only the intended recipient > and may contain information that is privileged and/or confidential. > If you are not the intended recipient, you are hereby notified that > any review, use, dissemination, disclosure or copying of this email > and its attachments, if any, is strictly prohibited. If you have > received this email in error, please immediately notify the sender by > return email and delete this email from your system." ></font> > >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3382051429-764985639>