On 4 March 2011 02:43, Jorge Biquez <jbiq...@intranet.com.mx> wrote: > Thank you all for your time and comments. > > I guess that I will install a firewall, that way I can also block those > Class C's from sending tons of emails to non existing accounts.... > I will read the website to see the best options. Any suggestion is more > than welcome. > > Jorge Biquez > > > At 06:02 p.m. 03/03/2011, you wrote: > >> Be careful of automated responses. What if someone spoofs IP's of legit >> users / customers / whatever and your automated response blocks them? Not >> good. >> >> I thought about blocking....well, never mind - might pi$$ someone off and >> attract unwanted attention... >> >> -----Original Message----- >> From: owner-freebsd-questi...@freebsd.org [mailto: >> owner-freebsd-questi...@freebsd.org] On Behalf Of Patrick Gibson >> Sent: Thursday, March 03, 2011 5:58 PM >> To: Jorge Biquez >> Cc: freebsd-questions@freebsd.org >> Subject: Re: Simplest way to deny access to a class C >> >> You might consider mod_security (/usr/ports/www/mod_security) which >> can be set up to ban hosts based on behaviour or characteristics. >> >> Or fail2ban (/usr/ports/security/py-fail2ban) is really great, too, in >> that it scans whatever logs you want, and can trigger a block in your >> firewall if enough violating log entries are found within a particular >> period of time. Everything is totally configurable, and there are >> plenty of examples that come with it. >> >> Patrick >> >> >> On Thu, Mar 3, 2011 at 8:59 AM, Jorge Biquez <jbiq...@intranet.com.mx> >> wrote: >> > Hello all. >> > >> > I am sorry in advance if this question sounds too stupid. >> > >> > I have a small server for personal use of webpages running: >> > >> > 7.3-PRERELEASE FreeBSD 7.3-PRERELEASE #0 >> > >> > it is working fine , no problem very stable. >> > >> > I just need to block some IP class C address that are always trying to >> > "discover" directories or applications under the web server. They do not >> do >> > and can not do anything since this server has nothing installed but i am >> > tired of seeing in the logs all the intents they do every 2-3 seconds. >> > >> > I have not installed any kind of firewall yet. >> > What do you think is the best way to accomplish this task? If possible >> the >> > easiest one. I do not want to do anything else but just bloc IP's, at >> this >> > moment at least. >> > >> > Thanks in advance. >> > >> > Jorge Biquez >> > >> > _______________________________________________ >> > freebsd-questions@freebsd.org mailing list >> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> > To unsubscribe, send any mail to " >> freebsd-questions-unsubscr...@freebsd.org" >> > >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to " >> freebsd-questions-unsubscr...@freebsd.org" >> >> >> >> >> >> <font size="1"> >> <div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in >> 0in 1.0pt 0in'> >> </div> >> "This email is intended to be reviewed by only the intended recipient >> and may contain information that is privileged and/or confidential. >> If you are not the intended recipient, you are hereby notified that >> any review, use, dissemination, disclosure or copying of this email >> and its attachments, if any, is strictly prohibited. If you have >> received this email in error, please immediately notify the sender by >> return email and delete this email from your system." >> </font> >> >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to " >> freebsd-questions-unsubscr...@freebsd.org" >> > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscr...@freebsd.org" >
you might wamt to look at geoip as well. you can open up services to specif regions then, or block other regions. Can be controversial though. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
