blocking hosts
If I want to block all access to my debian box from a certain IP, is it as simple as placing the IP in /etc/hosts.deny? I am using debian woody... Thanks. -- Matthew Daubenspeck 08:13:06 up 5 days, 17:58, 1 user, load average: 0.02, 0.04, 0.01 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: blocking hosts
Not really. This is helpful but will only block access to those services that are compiled against tcp wrappers. To block all access you can use iptables or add a blocked route to your routing table. For example: route add -net 194.73.242.0/24 reject # (this will block all access from the class C network 194.73.242.0) route add -host 194.73.242.132 reject# (this will block all access from the IP address 194.73.242.132) If you want this to persist after reboot then you will need to add the command to one of your start up scripts. I use rc.local. |/\\/|| - Original Message - From: Matthew Daubenspeck [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 18, 2004 5:14 AM Subject: blocking hosts If I want to block all access to my debian box from a certain IP, is it as simple as placing the IP in /etc/hosts.deny? I am using debian woody... Thanks. -- Matthew Daubenspeck 08:13:06 up 5 days, 17:58, 1 user, load average: 0.02, 0.04, 0.01 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: blocking hosts
On Tue, 2004-05-18 at 14:59, David Cunningham wrote: Not really. This is helpful but will only block access to those services that are compiled against tcp wrappers. To block all access you can use iptables or add a blocked route to your routing table. For example: route add -net 194.73.242.0/24 reject # (this will block all access from the class C network 194.73.242.0) route add -host 194.73.242.132 reject# (this will block all access from the IP address 194.73.242.132) You might also want to look at the package Shorewall which I find very useful for configuring my firewall. Furthermore, it creates scripts to start all the firewall stuff automatically on boot. Regards, Iain. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: blocking hosts
Matthew Daubenspeck [EMAIL PROTECTED] writes: If I want to block all access to my debian box from a certain IP, is it as simple as placing the IP in /etc/hosts.deny? I am using debian woody... It's as simple as adding an entry to iptables. -- Paul Johnson [EMAIL PROTECTED] Linux. You can find a worse OS, but it costs more. pgp7Unv8HwPbo.pgp Description: PGP signature
