View Poll Results: Do you get ssh hack attempts, apache exploits, etc, from Europe on your server?
Option | Votes | Percent
Yes, I get hack attempts. I run a production server. | 6 | 31.58%
No, I don't get hack attempts. I run a production server. | 2 | 10.53%
Yes, I get hack attempts. I run a personal server at home. | 9 | 47.37%
No, I don't get hack attempts. I run a personal server at home.
I'm sick of port scans, ssh brute-force attempts, attempted apache/myphpadmin exploit attempts, email spam, and various other bullshit that come from other countries.
I would like to drop all packets from everyone other than the US. Right now, I'm using Okean's Korea and China blacklists to block Korea and China ( http://okean.com/thegoods.html ). But I'm still getting spam from Germany, the UK, Italy, and other crap.
All I need is a list of IPs in CIDR notation that are allocated to only the United States. I can have a default deny, then allow the US IPs.
Monthly updated GeoIP db is available for free for non-commercial use also from http://www.maxmind.com/
and for commercial use a more frequently updated IP db from maxmind as well.
Instead of banning all NON-US countries, I have set up a large iptables list blocking C/B or even A networks (especially China) if I encounter a hack attempt.
Normal is about one daily hack attempt on a server ...
My first one started before my domain was fully set up - that helped me to strengthen the security.
NO password login - only serverkey access via ssh
If blocking ALL NON-US access - please keep in mind that you also deny access to all US abroad - there are MILLIONS of US citizens permanently or temporarily living abroad / overseas, it also blocks all US on travel, on vacation - including yourself when traveling ...
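The default-deny-plus-allowlist setup asked for in the first post, with the lock-out caveat from the reply handled, as an added example that is not part of the original thread. It assumes an ipset `hash:net` set (instead of one iptables rule per network), a hypothetical set name `allow_us` and a hypothetical `admin_cidr` exception; the sample list is constructed from documentation ranges, not real US allocations.

```python
import ipaddress

# Constructed sample input: documentation ranges standing in for a country
# CIDR list (these are NOT real US allocations).
SAMPLE_LIST = """\
# constructed allowlist
192.0.2.0/25
192.0.2.128/25
198.51.100.0/24
198.51.100.64/26
203.0.113.7
not-a-network
"""

def parse_cidrs(text):
    """Return (collapsed IPv4 networks, rejected lines)."""
    nets, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            # strict=True rejects entries with host bits set, e.g. 10.0.0.1/8
            nets.append(ipaddress.IPv4Network(line, strict=True))
        except ValueError:
            rejected.append(line)
    # Merge adjacent and overlapping networks so the set stays small.
    return list(ipaddress.collapse_addresses(nets)), rejected

def ipset_restore(nets, name="allow_us"):
    """Text for `ipset restore`: one hash:net set holding the allowlist."""
    lines = [f"create {name} hash:net family inet maxelem {max(65536, len(nets))}"]
    lines += [f"add {name} {n}" for n in nets]
    return "\n".join(lines) + "\n"

def iptables_commands(name="allow_us", admin_cidr=None):
    """Accept rules first; the DROP policy goes last so they are in place before it."""
    cmds = ["iptables -A INPUT -i lo -j ACCEPT",
            "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"]
    if admin_cidr:  # hypothetical exception for your own access while travelling
        net = ipaddress.IPv4Network(admin_cidr)
        cmds.append(f"iptables -A INPUT -s {net} -p tcp --dport 22 -j ACCEPT")
    cmds.append(f"iptables -A INPUT -m set --match-set {name} src -j ACCEPT")
    cmds.append("iptables -P INPUT DROP")
    return cmds

if __name__ == "__main__":
    nets, bad = parse_cidrs(SAMPLE_LIST)
    print(ipset_restore(nets), *iptables_commands(admin_cidr="203.0.113.0/24"), sep="\n")
    print("rejected:", bad)
```

The script only prints the `ipset restore` input and the iptables commands; load the set before running the commands, since the `--match-set` rule fails if the set does not exist yet.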