LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 02-22-2005, 06:52 AM   #1
w0lv3rin3
Member
 
Registered: Mar 2004
Location: Barrie, ON
Distribution: Slackware 9.1, 10.0, 10.1, 11.0
Posts: 102

Rep: Reputation: 15
howto block IPs from my machine totaly


any1 know if their is a config file in linux slackware to ban a set or a list of ips totaly from my machine? i see a user is trying to gain access into my machine, and i want him to stop, by doin this i was hopein one of u linux gurus can help me out.

ATM, the retard is trying to access my SSH
 
Old 02-22-2005, 07:02 AM   #2
harken
Member
 
Registered: Jan 2005
Location: Between the chair and the desk
Distribution: Debian Sarge, kernel 2.6.13
Posts: 666

Rep: Reputation: 30
You can either disable the ssh daemon or you can use iptables: 'iptables -I INPUT 1 -p tcp --source his.ip.goes.here -j DROP'.
You may want to log the guy's attempts: 'iptables -I INPUT 1 -p tcp --source again.his.ip.here -j LOG --log-level error --log-prefix "Bad guy attempt"'

The two entries should come in this order to actually log the packets.

Last edited by harken; 02-22-2005 at 07:03 AM.
 
Old 02-22-2005, 07:07 AM   #3
w0lv3rin3
Member
 
Registered: Mar 2004
Location: Barrie, ON
Distribution: Slackware 9.1, 10.0, 10.1, 11.0
Posts: 102

Original Poster
Rep: Reputation: 15
that was the first thing i did, looked in my logs, thx again for your help
 
Old 02-22-2005, 07:23 AM   #4
w0lv3rin3
Member
 
Registered: Mar 2004
Location: Barrie, ON
Distribution: Slackware 9.1, 10.0, 10.1, 11.0
Posts: 102

Original Poster
Rep: Reputation: 15
is their a way to view what IP i currectly have blocked, allowed, atc?

and to get things stright: i put in the following:

iptables -I INPUT 1 -p tcp --source xxx.xxx.xxx.xxx -j DROP

iptables -I INPUT 1 -p tcp --source xxx.xxx.xxx.xxx -j LOG --log-level error --log-prefix "Bad guy attempt"

Last edited by w0lv3rin3; 02-22-2005 at 07:36 AM.
 
Old 02-22-2005, 07:49 PM   #5
Linux~Powered
Member
 
Registered: Jan 2004
Location: /lost+found
Distribution: Slackware 14.2
Posts: 845

Rep: Reputation: 33
Edit your /etc/hosts.allow and /etc/hosts.deny file.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
block ips in valknut kb_ganesh Linux - Networking 0 12-01-2005 11:36 AM
want to block some prots on some IPs......? shahg_shahg Linux - Networking 1 07-01-2005 01:38 PM
How to block specific IPs? cranium2004 Linux - Networking 3 04-01-2005 10:02 AM
block all IPs except one how in my setup?? cranium2004 Linux - Networking 3 03-20-2005 04:24 PM
Block list of IPs with SuSEFIREWALL2 mephitic Linux - Security 1 12-05-2004 02:50 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 11:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration