Re: Blocking IPs
From: David Cummins [EMAIL PROTECTED] If you want to be really sneaky, though, if its their IP, spit out a standard error message. You'll have them racking their brains for days! One security book I read discussed created a fake environment to lull info robbers into exploring. Filled with junk, it keeps them involved while you run phone traces, etc. to track down the person... -- Never apply a Star Trek solution to a Babylon 5 problem. Larry W. Virden mailto:[EMAIL PROTECTED] URL: http://www.purl.org/NET/lvirden/ Even if explicitly stated to the contrary, nothing in this posting should be construed as representing my employer's opinions. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED]
RE: Blocking IPs
Here you go Juandres: http://www.decfug.org/SampleCode/BlockIPs/ John McKown, VP Business Services - Delaware.Net, Inc. Founder, Delaware Cold Fusion Users Group 30 Old Rudnick Lane, Suite 200 Dover, DE 19901 email: [EMAIL PROTECTED] phone: 302-736-5515 fax: 302-736-5945 icq: 1495432 -Original Message- From: Juan Andres Alvarez Valenzuela [mailto:[EMAIL PROTECTED]] Sent: Monday, November 06, 2000 11:30 AM To: CF-Talk Subject: Blocking IPs Hello everyone, Someone has experience in blocking the access to some IP number in CF ? We have a potential information robber and we are trying to block him. ideas? ~Juandres -- -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED] Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED]
RE: Blocking IPs
Enjoy: http://www.decfug.org/SampleCode/BlockIPs John McKown, VP Business Services Delaware.Net, Inc. 30 Old Rudnick Lane, Suite 200 Dover, DE 19901 email: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] phone: 302-736-5515 fax: 302-736-5945 icq: 1495432 -Original Message- From: Juan Andres Alvarez Valenzuela [mailto:[EMAIL PROTECTED]] Sent: Monday, November 06, 2000 11:30 AM To: CF-Talk Subject: Blocking IPs Hello everyone, Someone has experience in blocking the access to some IP number in CF ? We have a potential information robber and we are trying to block him. ideas? ~Juandres -- -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED] Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED]
Re: Blocking IPs
If you want to be really sneaky, though, if its their IP, spit out a standard error message. You'll have them racking their brains for days! For example, make it output the HTML of a standard 404 page... or if you know what scripting language they're using, make it spit out an error message which could be produced by that language. ;) Maybe put in extraneous junk HTML to break a badly-written parser? David Cummins Evan Lavidor wrote: You could throw something like cfif CGI.REMOTE_ADDR IS 'xxx.xxx.xxx.xxx' cflocation url="http://myserver.com/getout.cfm" addtoken="no" /cfif to the end of your application.cfm file. Evan -Original Message- From: Juan Andres Alvarez Valenzuela [mailto:[EMAIL PROTECTED]] Sent: Monday, November 06, 2000 11:30 AM To: CF-Talk Subject: Blocking IPs Hello everyone, Someone has experience in blocking the access to some IP number in CF ? We have a potential information robber and we are trying to block him. ideas? ~Juandres -- -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED] Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED]
RE: Blocking IPs
I have an application that I built that does this pretty well. It blocks IPs tanges, Phrases, Names, or email addresses. I will be happy to share it with you. John McKown, VP Business Services Delaware.Net, Inc. 30 Old Rudnick Lane, Suite 200 Dover, DE 19901 email: [EMAIL PROTECTED] phone: 302-736-5515 fax: 302-736-5945 icq: 1495432 -Original Message- From: Juan Andres Alvarez Valenzuela [mailto:[EMAIL PROTECTED]] Sent: Monday, November 06, 2000 11:30 AM To: CF-Talk Subject: Blocking IPs Hello everyone, Someone has experience in blocking the access to some IP number in CF ? We have a potential information robber and we are trying to block him. ideas? ~Juandres -- -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED] Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED]
Re: Blocking IPs
- Original Message - From: "Juan Andres Alvarez Valenzuela" [EMAIL PROTECTED] Sent: Monday, November 06, 2000 4:29 PM Someone has experience in blocking the access to some IP number in CF ? We have a potential information robber and we are trying to block him. You can do this at the webserver i.e. in IIS using the Directory Security - IP Address and Domain Name restrictions - options of the website properties, I think Website (the server product) will do this as well - but not sure. Adrian Cooper. Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED]
RE: Blocking IPs
Someone has experience in blocking the access to some IP number in CF ? We have a potential information robber and we are trying to block him. There are much more creative ways to stop him (or her) than just blocking... :) Check #CGI.REMOTE_ADDR# for the visitor's IP address... -Cameron Cameron Childress ElliptIQ Inc. p.770.460.7277.232 f.770.460.0963 -Original Message- From: Juan Andres Alvarez Valenzuela [mailto:[EMAIL PROTECTED]] Sent: Monday, November 06, 2000 11:30 AM To: CF-Talk Subject: Blocking IPs Hello everyone, Someone has experience in blocking the access to some IP number in CF ? We have a potential information robber and we are trying to block him. ideas? ~Juandres -- -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED] Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED]
RE: Blocking IPs
You could throw something like cfif CGI.REMOTE_ADDR IS 'xxx.xxx.xxx.xxx' cflocation url="http://myserver.com/getout.cfm" addtoken="no" /cfif to the end of your application.cfm file. Evan -Original Message- From: Juan Andres Alvarez Valenzuela [mailto:[EMAIL PROTECTED]] Sent: Monday, November 06, 2000 11:30 AM To: CF-Talk Subject: Blocking IPs Hello everyone, Someone has experience in blocking the access to some IP number in CF ? We have a potential information robber and we are trying to block him. ideas? ~Juandres -- -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED] Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED]
Re: Blocking IPs
Someone has experience in blocking the access to some IP number in CF ? We have a potential information robber and we are trying to block him. ideas? Application.cfm + REMOTE_ADDR + REMOTE_HOST + table with "ban" IP should help. Cheers, Gennadi Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED]
RE: Blocking IPs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Juan, You could block an intruder at your web server with the facilities of the httpd software, the server's tcp/ip features, you can also do it from CF (but you would have to wait for the intruder to request a Cf template... maybe you don't want to wait that long!). There are a lot of inetd sorts of security that depend on the platform you are using. The best (fastest, most robust and a goodie that is designed for it) would be at your firewall/router. You will shortly find that you need to see your site in the context of a greater security policy. Balance that with why you have a web site and what you keep there }:/. Formulate a real security policy and put it to work. Is your abuser always from the same IP address? Then report it to the upstream ISP and help protect the field. OTOH, a dial up account is easy to setup and abusive nut cases are very fond of them as it costs them nothing. Do you want to catch this black hat in the act? Put up a honey pot and attract all kinds of critters. But really, think about what you do with your server and get a working policy, firewall, router, etc. Get some books, investigate a DMZ, encryption etc. Visit CERT, Security Focus, l0pth and others. Enjoy, but remember, your not in Kansas any more. Mike - -Original Message- From: Juan Andres Alvarez Valenzuela [SMTP:[EMAIL PROTECTED]] Sent: Monday, November 06, 2000 8:30 AM To: CF-Talk Subject:Blocking IPs Hello everyone, Someone has experience in blocking the access to some IP number in CF ? We have a potential information robber and we are trying to block him. ideas? ~Juandres - -- - -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.3 for non-commercial use http://www.pgp.com iQA/AwUBOgc2K3YFmKomMlANEQJTLQCeJuiwku1xHTP+c3vCtLOaa72ZUnMAn1Y0 3QkmOUPy9j9RmrwsCSdAMzTS =Qopx -END PGP SIGNATURE- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED]
Re: Blocking IPs
Yes. If he has a static IP address, you can block him in you webserver or by a cf script like: For the IP Address 198.3.96.103 cfif gettoken(cgi.remote_addr,1,".") is 198 cfif gettoken(cgi.remote_addr,2,".") is 3 cfif gettoken(cgi.remote_addr,3,".") is 96 cfif gettoken(cgi.remote_addr,4,".") is 103 cflocation url = "block.cfm" /cfif /cfif /cfif /cfif If he is on aol or earthlink or other ISPs with dynamic IP, will not working against him alone. At 05:29 PM 11/6/00 +0100, you wrote: Hello everyone, Someone has experience in blocking the access to some IP number in CF ? We have a potential information robber and we are trying to block him. ideas? ~Juandres Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED] Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED]