[Zeffie-Users] (raq4) hack attempt
Zeffie
zeffie at zeffie.net
Thu Apr 21 13:52:42 EDT 2005
> How are you doing?
> I have mentioned this in auth log:
<SNIP>
> Some potz from Japan is probing my server.
> How could I make my server block for a hour/day that IP?
To Avoid this sort of thing you would do a whois and block the range if
desired or... better yet.. never allow them to connect to begin with.
That's one thing you can do with my Security Package and it's something I
think people often miss...
Most firewalls in the cobalt world are configured such that they don't
stop strangers from connecting to your ssh port... in fact all of the world
is allowed to connect and try their luck. I am the only one in the cobalt
world to have a firewall that actually provides access control lists
(acls's) for the cobalt products.
ACL's allow you to list your ip/ip range as allowed to connect (to the
ssh port for example) and then allows you to by default block every other ip
on the internet... so when ssh goes bad (gets holes) you don't have to care
so much because your the only one that can connect to it...
With my Security package you can control access by ip for all the common
ports and block whoever you want my ip, ip range, and even includes a class
a blocker with excluded ports (things like 212.0.0.0/8)
http://www.zeffie.com/cobalt_security.html
there is a lot more you can do with it... this is just a little...
Zeffie...
"Get your Z's with Zeffie"
http://www.zeffie.com/ 734-454-9117
Cobalt RaQ Repairs, Development, and Maintenance.
Home of the Worlds Largest Collection of RaQ rpms
Cobalt Spam Filter, Security, Firewall, Anti Virus Products
http://www.ensimfirewall.com/ The Only Ensim Certified Firewall!
More information about the Zeffie-Users
mailing list