Blocking ips permanently and throwing away the keys
I want to block some IPs permanently, i.e. even I as the root user cannot unblock these IPs without having to format the whole system.
So I thought: if some blocking software provided passwords for editing rules, I could put a 'junk' password there so that I can't delete the rules without the 'junk' password, which I don't know.
So I examined iptables and I saw that it is a kernel module, so there is no use of that since I can probably throw it away.
But the basic question is to block IPs and gulp the key.
If you are (or someone is) root, and/or you have (or someone has) physical access, there's going to be a way to modify your packet filtering ruleset, ACL, or... whatever.
The normal solution should suffice. If you're having system access control issues (someone removing your blocks), maybe revoke access from that individual or lock down their permissions so that they can't make changes you don't want. If you do this the right way, you won't need the super solution you're currently looking for.
Well, yes, it is a save-me-from-myself situation. The effort required to reverse the blockage should be as much as formatting and reinstalling.
And yes, there is no other person involved; it is only me, and I can't destroy the root password because I need it for other things.
Thanks
Last edited by jmstr10; 09-23-2010 at 02:58 AM.
Reason: forgot
How about setting up sudo privileges for your (non-root) user account such that you can do your administrative tasks using sudo? That way you wouldn't need "real" root privileges (you could even disable the root account if you wanted to) and there would be no problem.
It's just not sane to try to make something so difficult for yourself that it's "too difficult/time consuming to even start", and think you're safe that way. It's just easier to tell yourself not to do it. If we compare this situation to one where you'd try to stop smoking, there is no way you can deny yourself a cigarette if you really want it. But you could use something to make up for the real thing while learning to live without; ex-smokers use all sorts of things that provide nicotine without having to smoke, so you could use (well configured/"limited") sudo to get rid of being root all the time. Even better, you could just learn to live with yourself, but that's quite a hard task sometimes.
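A sketch of the "limited sudo" idea from the reply above, added here as an example and not posted by anyone in the thread. The user name `jm`, the file name, and the command list are hypothetical and the paths vary by distribution.

```sudoers
# /etc/sudoers.d/limited-admin  (hypothetical file name; edit with: visudo -f <file>)
# Assumption: the root account has been locked separately (e.g. passwd -l root),
# so this allowlist is the only route to root for the day-to-day user.

# Reset the environment and pin PATH so an allowed command cannot be
# swapped for a look-alike earlier in the user's PATH.
Defaults:jm env_reset
Defaults:jm secure_path="/usr/sbin:/usr/bin:/sbin:/bin"

# Allowlist only. Every entry is a full path with fixed arguments.
# Deliberately absent: shells, editors, package managers, visudo, su,
# iptables/ip6tables/nft and modprobe/rmmod. Anything that can spawn a
# shell or write arbitrary files as root would undo the restriction.
Cmnd_Alias DAILY_ADMIN = /sbin/reboot, \
                         /sbin/shutdown -h now, \
                         /bin/mount /mnt/backup, \
                         /bin/umount /mnt/backup

# NOEXEC stops a dynamically linked allowed command from exec'ing
# further programs (it does not cover statically linked binaries).
jm ALL = (root) NOEXEC: DAILY_ADMIN

# Not a substitute for the allowlist: a denylist such as
#   jm ALL = (root) ALL, !/sbin/iptables
# is bypassed by copying the binary to another path or by running
# any allowed program that can start a shell.
```

As the first reply notes, physical access still wins: booting from other media or single-user mode bypasses sudoers entirely, so this raises the effort rather than making the block irreversible.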