[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] locking out IP's
- Subject: Re: [cobalt-users] locking out IP's
- From: "Fido" <admin@xxxxxxxxxxxxxxxxx>
- Date: Mon Dec 4 19:42:54 2000
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
Many thanks
21240312
----- Original Message -----
From: "Zeffie" <cobaltlist@xxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Sunday, December 03, 2000 9:11 PM
Subject: Re: [cobalt-users] locking out IP's
>
> > What is the best way to lock out IP's that are trying to hack into a
site
> on
> > a raq1.
> >
> > htaccess? access.conf?? what is the best and if it is htaccess, what is
> the
> > format?
>
> For http...
> in /etc/httpd/conf/access.conf you can update the main section to
include...
>
> # Controls who can get stuff from this server.
>
> order allow,deny
> allow from all
> deny from disney.com
> AuthFailDelay 2000000
> </Directory>
>
> For inetd processes you can add their ip to your /etc/hosts.deny with ...
> ALL: 208.36.162.98
> or
> ALL: 232.
>
> and
> You can Install ip chains
> http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html
> This is the best way to "Ground that connection"
>
> btw
> /sbin/route add -host <ip-adress> reject
> from the man page
> reject Modifier installs a blocking route, which will
> force a route lookup to fail. This is for example
> used to mask out networks before using the default
> route. This is NOT for firewalling.
> which means I can write my name in the snow but I can't read it back or
even
> know if I did it right...
>
> Zeffie
>
>
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>