Welcome to WebmasterWorld Guest from 54.227.72.69

Forum Moderators: bakedjake

Message Too Old, No Replies

how to block an ip

     
11:21 am on Oct 2, 2007 (gmt 0)

Junior Member

10+ Year Member

joined:May 13, 2004
posts:51
votes: 0


Hi,

I have an ip address trying to hack my sendmail. I have blocked him with host.deny but now in my secure log I'm getting :-
Oct 2 12:03:09 ns in.qpopper[7798]: refused connect from 111.111.111.111
every second which is screwing up other peoples access to the smtp server.

Is there anything else I can do to remove this "person"

Cheers

Andy

[edited by: engine at 11:32 am (utc) on Oct. 2, 2007]
[edit reason] ip obfuscated [/edit]

11:26 am on Oct 2, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member wheel is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 11, 2003
posts:5069
votes: 12


iptables -A INPUT --source 123.123.123.123 --jump DROP

That should drop them via firewall, SMTP won't even see them anymore.

11:36 am on Oct 2, 2007 (gmt 0)

Junior Member

10+ Year Member

joined:May 13, 2004
posts:51
votes: 0


Hi,

Thanks for your quick response, but this is an ancient raq4 which doesn't run iptables.

12:18 pm on Oct 2, 2007 (gmt 0)

Full Member

5+ Year Member

joined:Dec 3, 2006
posts:257
votes: 0


ipchains -I input 1 -s 123.123.123.123 -j DENY
12:44 pm on Oct 2, 2007 (gmt 0)

Junior Member

10+ Year Member

joined:May 13, 2004
posts:51
votes: 0


Okay...

I tried this command, but it appears ipchains isn't running, ipchains is on this raq4 so if you could guide me on how to configure and start it, I think this would be the answer.

Cheers

A

1:30 pm on Oct 2, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Aug 11, 2004
posts:1014
votes: 0


ipchains is an external program you can download for free (try searching for ipchains-1.3.10.tar.gz for example). If you're not familiar with server maintenance, ask the company you rent your server from to install it (mine did, for me).

Matt

1:34 pm on Oct 2, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Aug 11, 2004
posts:1014
votes: 0


Sorry, I'm a clot. You said you *have* ipchains. Okay, make a directory under your root account, untar the archive into there and then read the file entitled README. It should explain how to get going.

The README file accompanying my copy also recommends

"See the HOWTO (available from the web page at
[rustcorp.com...]

Matt

1:47 pm on Oct 2, 2007 (gmt 0)

Full Member

5+ Year Member

joined:Dec 3, 2006
posts:257
votes: 0


I tried this command, but it appears ipchains isn't running, ipchains is on this raq4 so if you could guide me on how to configure and start it, I think this would be the answer.

What error message do you have?
2:06 pm on Oct 2, 2007 (gmt 0)

Junior Member

10+ Year Member

joined:May 13, 2004
posts:51
votes: 0


Hi

Sorted!

I ran a status command and found it was running, then when I ran the deny command I had to run it from /sbin but it's now worked

Thank you all very much.

Regards

Andy

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members