Re: iptables to block region-specific ip's?


Robert Spangler wrote:
> On Wednesday 11 May 2011 12:58, the following was written:
>>  the attempts are from a certain registrar's region, I won't name it,
> 
> iptables -I INPUT -i eth0 -s x.x.x.x/24 -j DROP

I do not consider a /24 subnet a "region subnet". You would need to use 
something like sophisticated reverse DNS to resolve the IP of the connection, 
and that would take time, not to mention problems with false positives 
and .com, etc. The only way would be if you knew the physical locations of 
the respective subnets.

I use denyhosts that regularly pools new offenders' IPs from protected 
systems all around the world. On my 3 servers, in the last 5 months, I had 
only 114 e-mail reports of an ssh attempt. denyhosts uses hosts.deny, 
and currently I have ~7000 IPs blocked from there that are 
automatically blocked.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

