From owner-freebsd-questions@FreeBSD.ORG Wed Apr 30 22:00:43 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 166BF37B401 for ; Wed, 30 Apr 2003 22:00:43 -0700 (PDT) Received: from rutger.owt.com (rutger.owt.com [204.118.6.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1FE5743F3F for ; Wed, 30 Apr 2003 22:00:42 -0700 (PDT) (envelope-from kstewart@owt.com) Received: from topaz-out (owt-207-41-94-233.owt.com [207.41.94.233]) by rutger.owt.com (8.11.6p2/8.9.3) with ESMTP id h4150cV12511; Wed, 30 Apr 2003 22:00:38 -0700 From: Kent Stewart To: Alfonso Romero , freebsd-questions Date: Wed, 30 Apr 2003 22:00:37 -0700 User-Agent: KMail/1.5.1 References: <200304102145.25225.gwschenk@socal.rr.com> <200304302123.37951.gwschenk@socal.rr.com> <006a01c30f9d$85f7d680$0100a8c0@ibac> In-Reply-To: <006a01c30f9d$85f7d680$0100a8c0@ibac> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <200304302200.37348.kstewart@owt.com> Subject: Re: using host.allow on dynamic addresses X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2003 05:00:43 -0000 On Wednesday 30 April 2003 09:52 pm, Alfonso Romero wrote: > I=B4ve been receiving some of this lines on my apache access log: > > 200.67.17.221 - - [28/Apr/2003:17:46:05 -0500] "GET > /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX >XXXXXXX > XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX >XXXXXXX > XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX >XXXXXXX > XXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858 >%ucbd3% > u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00 >=3Da HTTP/1.0" 404 286 "-" "-" > > From what I=B4ve read, I can put on hosts.allow these addresses to > avoid this type of problem, but what if some of those addresses are > dynamic? If one user has an infected PC with a dialup access to > Internet, and then hangs up and another user receives this same > address, even if his PC isn=B4t infected, he couldn=B4t visit my site, > right? That is right. If you prevent an IP address to stop this, then a good=20 user could be prevented from visiting your system. The thing to do is=20 copy the message and send it to=20 Si desea notificar sobre correo no solicitado o accesos no autorizados, favor de enviar su mensaje a abuse@nic.mx At least, that is where a lookup of 200.67.17.221 eventually leads you=20 to. Kent =2D-=20 Kent Stewart Richland, WA http://users.owt.com/kstewart/index.html