[CentOS] Simple way to banish IP addresses ?

Oliver Ransom oliver at ransom.com.au
Mon Oct 12 03:20:46 UTC 2009


The best way to do it is with iptables. If you want something "more  
easily configurable" then some front end for it would be most useful.  
Webmin most likely provides a graphical interface to do it.

Adding rules to drop traffic from IPs or whole subnets is not that  
difficult if you have a basic understand of IPv4 networking.

There are some well documented examples on this page (including one to  
do what you're after):
http://www.dd-wrt.com/wiki/index.php/Iptables_command#Examples

Regards,
Oliver

On 12/10/2009, at 9:52 AM, mark wrote:

> Toby Bluhm wrote:
>> Toby Bluhm wrote:
>>> Niki Kovacs wrote:
>>>>
>>>> I just set up a web server... and my bandwidth is being eaten by  
>>>> some
>>>> chinese folks trying to brute-force-ssh their way into the machine.
>>>>
>>>> Is there a simple way to banish either single IP addresses or,  
>>>> maybe
>>>> even better, whole IP classes ? I know it's feasible with  
>>>> iptables, but
>>>> is there something more easily configurable ?
> <snip>
> Let me note that at work, the security group has a script set up  
> that does it
> automagically, after so many attempts.
>
> And every morning or two in the logs, I see attacks from China, or  
> Mexico, or
> Spain, or Taiwan... but then, we are a well-known site.
>
> 	mark, supporting the NIH
>
> -- 
> "The Pluto Files", Neil Degrasse Tyson.
> Pluto shall rise again! - whitroth
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos



More information about the CentOS mailing list