From: danodemano <dan...@gm...> - 2008-11-26 18:18:14
|
The server is not capable of it, I already checked. It's a D-Link NAS that runs and EXTREMELY lightweight version of Linux with pureftpd. There might be a way to hack it but I would rather not. The connections did finally stop but only after I shut down the server for about 30 minutes. turbo-2 wrote: > > what about just blocking that IP in your ftp server. > Or is your ftp server not capable of that ? > The connection will propably end after a short time. > > >> I tried to use IP tables at one point but it didn't seem to stick after a >> reboot. Soon as I shut down then brought back the Endian box the rule >> was >> gone. Is there something that needs done to "commit" the rule? >> >> Brains wrote: >>> >>> Such an ugly workaround for something that is ideally as simple as: >>> iptables -A INPUT --src xx.xx.xx.xx --dport 21 -j DROP >>> >>> >>> >>> On Tue, Nov 25, 2008 at 9:46 PM, Herb Hill <he...@am...> >>> wrote: >>> >>>> Just a thought- how about efw outbound rules to block traffic from >>>> behind >>>> efw that has a destination of the ip you want to block? Getting >>>> nothing >>>> back might dissuade him from trying further. Or, put a port forward >>>> rule >>>> at >>>> the top of your list that forwards ftp ports to a non existant internal >>>> IP >>>> when the source IP is the one that is hacking you. >>>> >>>> Might work. >>>> >>>> ----- Original Message ----- >>>> From: "danodemano" <dan...@gm...> >>>> To: <efw...@li...> >>>> Sent: Tuesday, November 25, 2008 7:57 PM >>>> Subject: Re: [Efw-user] Block IP from RED Interface >>>> >>>> >>>> > >>>> > I know this, which is why I want to block certain IP's. I have no >>>> problem >>>> > with SSH, I don't allow access from the outside, only through a VPN >>>> > tunnel. >>>> > I could use a different port for the FTP but there are a number of >>>> people >>>> > who already know and use it the way that it is configured so that's >>>> easier >>>> > said than done. >>>> > >>>> > compdoc wrote: >>>> >> >>>> >> ftp and ssh ports are just going to be tested. No way to use >>>> >> a different port number for ftp? >>>> >> >>>> >> I always keep the ssh service disabled until I need it... >>>> >> >>>> >> >>>> >> >>>> >> -----Original Message----- >>>> >> From: danodemano [mailto:dan...@gm...] >>>> >> Sent: Tuesday, November 25, 2008 4:29 PM >>>> >> To: efw...@li... >>>> >> Subject: Re: [Efw-user] Block IP from RED Interface >>>> >> >>>> >> >>>> >> Guess that's a no. I have a new IP now that's hacking on it >>>> >> and some 600 >>>> >> PAGES of logs just since this morning. It would be very >>>> >> nice to be able to >>>> >> block this (these) IP addresses. ;) >>>> >> >>>> >> danodemano wrote: >>>> >>> >>>> >>> I have a, what I hope to be, quick question. I have an IP >>>> >> address that is >>>> >>> hacking on the FTP server sitting behind my Endian box. >>>> >> The server is >>>> >>> NATed. Just in the past about 12 hours, it's filled up >>>> >> nearly 400 pages >>>> >>> in my IDS logs. Is there a simply way to just outright >>>> >> ban this IP? >>>> >>> Thanks for your help! >>>> >>> >>>> >> >>>> >> -- >>>> >> View this message in context: >>>> >> http://www.nabble.com/Block-IP-from-RED-Interface-tp20564483 >>>> >> p20691782.html >>>> >> Sent from the efw-user mailing list archive at Nabble.com. >>>> >> >>>> >> >>>> >> ------------------------------------------------------------ >>>> >> ------------- >>>> >> This SF.Net email is sponsored by the Moblin Your Move >>>> >> Developer's challenge >>>> >> Build the coolest Linux based applications with Moblin SDK & >>>> >> win great prizes >>>> >> Grand prize is a trip for two to an Open Source event >>>> >> anywhere in the world >>>> >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>> >> _______________________________________________ >>>> >> Efw-user mailing list >>>> >> Efw...@li... >>>> >> https://lists.sourceforge.net/lists/listinfo/efw-user >>>> >> >>>> >> >>>> >> >>>> ------------------------------------------------------------------------- >>>> >> This SF.Net email is sponsored by the Moblin Your Move Developer's >>>> >> challenge >>>> >> Build the coolest Linux based applications with Moblin SDK & win >>>> great >>>> >> prizes >>>> >> Grand prize is a trip for two to an Open Source event anywhere in >>>> the >>>> >> world >>>> >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>> >> _______________________________________________ >>>> >> Efw-user mailing list >>>> >> Efw...@li... >>>> >> https://lists.sourceforge.net/lists/listinfo/efw-user >>>> >> >>>> >> >>>> > >>>> > -- >>>> > View this message in context: >>>> > >>>> http://www.nabble.com/Block-IP-from-RED-Interface-tp20564483p20692806.html >>>> > Sent from the efw-user mailing list archive at Nabble.com. >>>> > >>>> > >>>> > >>>> ------------------------------------------------------------------------- >>>> > This SF.Net email is sponsored by the Moblin Your Move Developer's >>>> > challenge >>>> > Build the coolest Linux based applications with Moblin SDK & win >>>> great >>>> > prizes >>>> > Grand prize is a trip for two to an Open Source event anywhere in the >>>> > world >>>> > http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>> > _______________________________________________ >>>> > Efw-user mailing list >>>> > Efw...@li... >>>> > https://lists.sourceforge.net/lists/listinfo/efw-user >>>> > >>>> >>>> >>>> ------------------------------------------------------------------------- >>>> This SF.Net email is sponsored by the Moblin Your Move Developer's >>>> challenge >>>> Build the coolest Linux based applications with Moblin SDK & win great >>>> prizes >>>> Grand prize is a trip for two to an Open Source event anywhere in the >>>> world >>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>> _______________________________________________ >>>> Efw-user mailing list >>>> Efw...@li... >>>> https://lists.sourceforge.net/lists/listinfo/efw-user >>>> >>> >>> ------------------------------------------------------------------------- >>> This SF.Net email is sponsored by the Moblin Your Move Developer's >>> challenge >>> Build the coolest Linux based applications with Moblin SDK & win great >>> prizes >>> Grand prize is a trip for two to an Open Source event anywhere in the >>> world >>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>> _______________________________________________ >>> Efw-user mailing list >>> Efw...@li... >>> https://lists.sourceforge.net/lists/listinfo/efw-user >>> >>> >> >> -- >> View this message in context: >> http://www.nabble.com/Block-IP-from-RED-Interface-tp20564483p20699718.html >> Sent from the efw-user mailing list archive at Nabble.com. >> >> >> ------------------------------------------------------------------------- >> This SF.Net email is sponsored by the Moblin Your Move Developer's >> challenge >> Build the coolest Linux based applications with Moblin SDK & win great >> prizes >> Grand prize is a trip for two to an Open Source event anywhere in the >> world >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> _______________________________________________ >> Efw-user mailing list >> Efw...@li... >> https://lists.sourceforge.net/lists/listinfo/efw-user >> > > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the > world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > Efw-user mailing list > Efw...@li... > https://lists.sourceforge.net/lists/listinfo/efw-user > > -- View this message in context: http://www.nabble.com/Block-IP-from-RED-Interface-tp20564483p20706375.html Sent from the efw-user mailing list archive at Nabble.com. |