[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Open relay scan

Subject: RE: [cobalt-users] Open relay scan
From: "Andy Brown" <andy.brown@xxxxxxxxxxxxx>
Date: Fri Sep 6 08:38:01 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

<snip>
> Somebody is constantly checking my servers for open relay, 
> every second. He
> can't get through, but this produces a huge logfile and 
> consumes resources
> and bandwith.
> 
> Is there a way to block the ipaddress all together in a 
> raq4r, to prevent
> logfile and the consuming of resources and bandwith?
</snip>

Do you have any form of filters installed (Such as ipfwadm or ipchains) if you do then its a simple case of adding in a deny rule. Here is an example if you use ipchains (And if you don't ipchains is easily installed via rpm, lots of FAQ's about and details in the archives)
ipchains -I input -s 111.111.111.111 -j DENY

or you could add a bogus routing command to your machine (I'd personally not do this and install ipchains instead)
/sbin/route add -host 111.111.111.111 gw 333.444.555.666

Where 111.111.111.111 is who you want to block and just leave 333.444.555.666 as that since its intentionally a bad route.

Regards,

Andy
andy@xxxxxxxxxx
http://www.raqpak.com/ <-- Raq/Qube unofficial PKGs and support advice

Follow-Ups:
- Re: [cobalt-users] Open relay scan
  - From: cobaltusers

Prev by Date: RE: [cobalt-users] Squid consuming 100% of cpu rescs: newbie
Next by Date: RE: [cobalt-users] cp recursive command ?
Previous by thread: Re: [cobalt-users] Open relay scan
Next by thread: Re: [cobalt-users] Open relay scan

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index