homepage Welcome to WebmasterWorld Guest from 54.167.138.53
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
how to block an ip
adwhite




msg:3466877
 11:21 am on Oct 2, 2007 (gmt 0)

Hi,

I have an ip address trying to hack my sendmail. I have blocked him with host.deny but now in my secure log I'm getting :-
Oct 2 12:03:09 ns in.qpopper[7798]: refused connect from 111.111.111.111
every second which is screwing up other peoples access to the smtp server.

Is there anything else I can do to remove this "person"

Cheers

Andy

[edited by: engine at 11:32 am (utc) on Oct. 2, 2007]
[edit reason] ip obfuscated [/edit]

 

wheel




msg:3466886
 11:26 am on Oct 2, 2007 (gmt 0)

iptables -A INPUT --source 123.123.123.123 --jump DROP

That should drop them via firewall, SMTP won't even see them anymore.

adwhite




msg:3466893
 11:36 am on Oct 2, 2007 (gmt 0)

Hi,

Thanks for your quick response, but this is an ancient raq4 which doesn't run iptables.

Achernar




msg:3466918
 12:18 pm on Oct 2, 2007 (gmt 0)

ipchains -I input 1 -s 123.123.123.123 -j DENY

adwhite




msg:3466935
 12:44 pm on Oct 2, 2007 (gmt 0)

Okay...

I tried this command, but it appears ipchains isn't running, ipchains is on this raq4 so if you could guide me on how to configure and start it, I think this would be the answer.

Cheers

A

Matt Probert




msg:3466985
 1:30 pm on Oct 2, 2007 (gmt 0)

ipchains is an external program you can download for free (try searching for ipchains-1.3.10.tar.gz for example). If you're not familiar with server maintenance, ask the company you rent your server from to install it (mine did, for me).

Matt

Matt Probert




msg:3466987
 1:34 pm on Oct 2, 2007 (gmt 0)

Sorry, I'm a clot. You said you *have* ipchains. Okay, make a directory under your root account, untar the archive into there and then read the file entitled README. It should explain how to get going.

The README file accompanying my copy also recommends

"See the HOWTO (available from the web page at
[rustcorp.com...]

Matt

Achernar




msg:3467006
 1:47 pm on Oct 2, 2007 (gmt 0)

I tried this command, but it appears ipchains isn't running, ipchains is on this raq4 so if you could guide me on how to configure and start it, I think this would be the answer.

What error message do you have?

adwhite




msg:3467020
 2:06 pm on Oct 2, 2007 (gmt 0)

Hi

Sorted!

I ran a status command and found it was running, then when I ran the deny command I had to run it from /sbin but it's now worked

Thank you all very much.

Regards

Andy

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved