Old 04-07-2003, 11:05 PM   #1
im1crazyassmofo
Member
 
Registered: Jan 2003
Distribution: Slackware 13
Posts: 89

Rep: Reputation: 15
banning an ip


I want to ban this kid's IP address so he can't get into my box... how do I do that?! Please help!
 
Old 04-07-2003, 11:29 PM   #2
cuckoopint
Member
 
Registered: Feb 2003
Distribution: Debian
Posts: 797

Rep: Reputation: 30
/etc/hosts.deny
 
Old 04-07-2003, 11:30 PM   #3
cuckoopint
Member
 
Registered: Feb 2003
Distribution: Debian
Posts: 797

Rep: Reputation: 30
But getting his MAC address may be more effective, since he can change IPs (especially if they are dynamic).
 
Old 04-07-2003, 11:30 PM   #4
MasterC
Guru
 
Registered: Mar 2002
Location: Salt Lake City, UT - USA
Distribution: Gentoo ; LFS ; Kubuntu
Posts: 12,612

Rep: Reputation: 64
Place the IP address in /etc/hosts.deny

Here's the syntax:
httpd: 1.2.3.4

Assuming you don't want them in via http, do the same for ftp and so on if that's also a problem (I think maybe just a generic IP might block all traffic from that box to your box...).
 
Old 04-07-2003, 11:50 PM   #5
cuckoopint
Member
 
Registered: Feb 2003
Distribution: Debian
Posts: 797

Rep: Reputation: 30
Quote:
Here's the syntax:
httpd: 1.2.3.4
From the sound of the original post, it seems all access should be blocked:

ALL: 1.2.3.4
 
Old 04-08-2003, 12:09 AM   #6
MasterC
Guru
 
Registered: Mar 2002
Location: Salt Lake City, UT - USA
Distribution: Gentoo ; LFS ; Kubuntu
Posts: 12,612

Rep: Reputation: 64
Hey cool, thanks for showing me that. I've just been denying them, service by service.
 
Old 04-08-2003, 12:18 AM   #7
cuckoopint
Member
 
Registered: Feb 2003
Distribution: Debian
Posts: 797

Rep: Reputation: 30
Quote:
Hey cool, thanks for showing me that. I've just been denying them, service by service
Eeew, that's just ugly.

I recommend skimming:
'man 5 hosts_access'

(especially the wildcards)
; )
 
Old 04-08-2003, 12:41 AM   #8
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Rep: Reputation: 57
What's so ugly about it?
 
Old 04-08-2003, 12:56 AM   #9
cuckoopint
Member
 
Registered: Feb 2003
Distribution: Debian
Posts: 797

Rep: Reputation: 30
Well, the idea usually behind security is to deny all, and then let some through. This way you can account for the unexpected. The method you seem to be using is IF I remember to block it off, I will. The all method is more like IF it doesn't work, then I know I have to be a bit more lenient. As far as 'ugly', I was thinking of a long list of allows/denies, which is both hard to keep up-to-date and is not generally easy to manage, IMHO.
 
Old 04-08-2003, 01:12 AM   #10
MasterC
Guru
 
Registered: Mar 2002
Location: Salt Lake City, UT - USA
Distribution: Gentoo ; LFS ; Kubuntu
Posts: 12,612

Rep: Reputation: 64
Yeah, definitely get the idea. So unless you specifically want to allow your buddies all access except 1 (such as ssh) then you would put them in the "ALL" pile.

I've got a question at this point, but I think it will be answered in the man page you've suggested above. However, just for fun I'll post it up, and if I find the answer, reply

Which file is read first, or takes more precedence:
hosts.deny
hosts.allow
?
 
Old 04-08-2003, 01:30 AM   #11
maxspeed
Member
 
Registered: Mar 2003
Posts: 41

Rep: Reputation: 15
This will block all and make your computer invisible to him.

iptables -A INPUT -p tcp -s xxx.xxx.xxx.xxx -j REJECT --reject-with tcp-reset
 
Old 04-08-2003, 05:51 AM   #12
cuckoopint
Member
 
Registered: Feb 2003
Distribution: Debian
Posts: 797

Rep: Reputation: 30
Quote:
I've got a question at this point
It works the way it should...

HOSTS_ACCESS(5)
 
Old 04-08-2003, 07:15 AM   #13
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,541
Blog Entries: 54

Rep: Reputation: 2924
but getting his MAC address may be more effective, since he can change IPs (especially if they are dynamic)

AFAIK blocking anything by MAC addr will only work inside a LAN, not outside.
 
Old 04-08-2003, 01:59 PM   #14
Shinobi
Member
 
Registered: Mar 2003
Posts: 46

Rep: Reputation: 15
Which file is read first, or takes more precedence:
hosts.deny
hosts.allow



http://www.wundermoosen.com/TMAHelp/pgs/inetdconf.htm

"If hosts.allow were to say: "grant access to all" and if hosts.deny were to say: "deny access to all", the hosts.deny entry would not trump hosts.allow. It would be ignored."

So hosts.deny is used to fine tune hosts.allow and not otherwise.
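
The lookup order discussed in posts #10 to #14, as an added example that is not part of the original thread: a simplified Python model of the decision order documented in hosts_access(5) (hosts.allow is searched first, then hosts.deny, and access is granted when neither matches). The function names and sample rules are constructed for illustration; only `ALL`, exact matches and address prefixes ending in `.` are modelled.

```python
# Simplified model of the hosts_access(5) lookup order (added example).
# Modelled: ALL, exact daemon/address names, address prefixes ending in ".".
# Not modelled: EXCEPT, hostnames, net/mask, LOCAL/KNOWN/PARANOID, IPv6, options.

def parse_rules(text):
    """Return [(daemon_patterns, client_patterns)] from hosts.allow/deny text."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def _match(pattern, value):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):  # "192.168.1." matches 192.168.1.x
        return value.startswith(pattern)
    return pattern == value

def matches(rules, daemon, client):
    return any(any(_match(d, daemon) for d in ds) and
               any(_match(c, client) for c in cs)
               for ds, cs in rules)

def decide(allow_text, deny_text, daemon, client):
    """hosts.allow is searched first; the first match ends the search."""
    if matches(parse_rules(allow_text), daemon, client):
        return "allow (hosts.allow)"
    if matches(parse_rules(deny_text), daemon, client):
        return "deny (hosts.deny)"
    return "allow (no match)"

# Constructed sample rules, not taken from any real system.
ALLOW = "sshd: 192.168.1.\n"
DENY_ONE = "ALL: 1.2.3.4\n"   # blocklist style from this thread
DENY_ALL = "ALL: ALL\n"       # default-deny style

if __name__ == "__main__":
    for deny in (DENY_ONE, DENY_ALL):
        for ip in ("1.2.3.4", "192.168.1.10", "5.6.7.8"):
            print(repr(deny.strip()), ip, "->", decide(ALLOW, deny, "sshd", ip))
```

These files are only consulted by services built against libwrap or started through tcpd, so a daemon that does not use TCP wrappers is unaffected by either file.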
 
Old 04-08-2003, 02:01 PM   #15
Shinobi
Member
 
Registered: Mar 2003
Posts: 46

Rep: Reputation: 15
Quote:
Originally posted by maxspeed
This will block all and make your computer invisible to him.

iptables -A INPUT -p tcp -s xxx.xxx.xxx.xxx -j REJECT --reject-with tcp-reset

It won't make your hardware invisible to him. This is a software firewall, not quite as effective as a true firewall.
 
  

