Index: [Article Count Order] [Thread]

Date:  Thu, 3 Apr 2008 12:08:30 -0700
From:  "Doug Harvey" <ohgoodiee (at mark) gmail.com>
Subject:  [coba-e:12453] Re: List of IP's to block
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <47f52ad1.1487460a.530b.fffff819 (at mark) mx.google.com>
In-Reply-To:  <1536.71.236.246.129.1207244989.squirrel (at mark) www.limo.net>
X-Mail-Count: 12453

Greg.  I toyed with that as well, but I believe (I could be wrong) that it
only works for SSH. Since I disabled SSH, it doesn't do me any good.  I want
the packets dropped right at the gate.

Doug

 

-----Original Message-----
From: Greg Schiedler [mailto:Greg (at mark) Limo.Net] 
Sent: Thursday, April 03, 2008 10:50 AM
To: coba-e (at mark) bluequartz.org
Subject: [coba-e:12450] Re: List of IP's to block

Personally I use http://denyhosts.sourceforge.net/ and run it as a deamon
with the sync option that way I get a list of IP that are know to be trying
to gain unauthorized access to boxes areound the world.

Greg

> After looking at the links below how would you add a region that you 
> want to block?  Would you just telnet in to the BQ box and add all the 
> IP's into iptables?  Or is there a better way in handling this!
>
> Thanks
> Rob C
>
> -----Original Message-----
> From: Doug Harvey [mailto:ohgoodiee (at mark) gmail.com]
> Sent: Wednesday, April 02, 2008 3:01 PM
> To: coba-e (at mark) bluequartz.org
> Subject: [coba-e:12430] Re: List of IP's to block
>
> Thank you!
>
> I've been pouring through all the logs, picking them out one-by-one 
> and I would like to be able to just take a whole region in one line 
> vs. 500 lines.
>
> All the best,
> Doug
>
>
> -----Original Message-----
> From: Dan Kriwitsky [mailto:webhosting (at mark) yahoo.com]
> Sent: Wednesday, April 02, 2008 1:48 PM
> To: coba-e (at mark) bluequartz.org
> Subject: [coba-e:12428] Re: List of IP's to block
>
>
> --- Doug Harvey <ohgoodiee (at mark) gmail.com> wrote:
>
>> Hi Blues.
>>
>> Do any of you (most notable the hosting companies out there) have a 
>> list of IP addresses that you automatically put into the iptables 
>> when
>
>> you build a new box?
>>
>>
>
> http://www.completewhois.com/statistics/data/ips-bycountry/rirstats/CN
> -c
> idr.
> txt
> http://www.completewhois.com/statistics/data/ips-bycountry/rirstats/KR
> -c
> idr.
> txt
> http://www.completewhois.com/statistics/data/ips-bycountry/rirstats/RU
> -c
> idr.
> txt
>
> Take your pick from
> http://www.completewhois.com/statistics/data/ips-bycountry/rirstats/
>
> --
> Dan Kriwitsky