[CentOS] Simple way to banish IP addresses ?

Mon Oct 12 03:09:42 UTC 2009
Lucian @ lastdot.org <lucian at lastdot.org>

On Fri, Oct 9, 2009 at 7:35 PM, Niki Kovacs <contact at kikinovak.net> wrote:
> Hi,
>
> I just set up a web server... and my bandwidth is being eaten by some
> chinese folks trying to brute-force-ssh their way into the machine.
>
> Is there a simple way to banish either single IP addresses or, maybe
> even better, whole IP classes ? I know it's feasible with iptables, but
> is there something more easily configurable ?
>
> Cheers,
>
> Niki
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

The best way is iptables.
If you know you dont/wont have any relations within China/Taiwan/etc
you could ban whole subnets.
It would help to use ipset in conjunction with iptables, just for
optimisation's sake :)