Geert Hauwaerts writes: > Add them in your firewall > > iptables -A INPUT -i eth0 -s THERE_IP -j DROP >
iptables -I INPUT -i eth0 -s THERE_IP -j DROP is the better choice in most iptables firewalls. Christian > > ========================================================== > | Geert Hauwaerts | Linux: | > | [EMAIL PROTECTED] | | > | [EMAIL PROTECTED] | The choice of a GNU generation. | > | Because rebooting is for adding new hardware. | > ========================================================== > > -----Oorspronkelijk bericht----- > Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Verzonden: woensdag 6 maart 2002 14:30 > Aan: Security-Basics List > Onderwerp: apache being bombarded > > > Hi gurus > one of my apache servers is being bombarded by some IPs (in different > ranges) trying for a root.exe or cmd.exe. etc. > luckily im on redhat 71. linux. > but the tries frequency is every second from some ip or another. im > running portsentry but portesntry does not log port 80 > how do i block them from permanently accessing my server. > BTW ive put that IPs in my /etc/hosts.deny still no joy. > > thanks > durga prasad > > > >
