From owner-freebsd-questions@FreeBSD.ORG Mon Oct 11 09:51:16 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9A1FD16A4CE for ; Mon, 11 Oct 2004 09:51:16 +0000 (GMT) Received: from mail1.interlite.net (ns1.interlite.net [62.119.93.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id 825D143D45 for ; Mon, 11 Oct 2004 09:51:15 +0000 (GMT) (envelope-from pelle@spd.nu) Received: (qmail 32518 invoked by uid 89); 11 Oct 2004 11:47:45 +0200 Received: from unknown (HELO PELLEANDERSSON) (62.119.94.78) by mail1.interlite.net with SMTP; 11 Oct 2004 11:47:45 +0200 From: "Pelle Andersson" To: "'Subhro'" Date: Mon, 11 Oct 2004 11:51:14 +0200 Organization: SPD Systems Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 Thread-Index: AcSvdLrnFdwhoRmZSi6Yh3BVwfiQFgAAoPoQ X-Spam-DCC: : X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on server1.interlite.net X-Spam-Level: X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.63 cc: freebsd-questions@freebsd.org Subject: Re: Adding network & IP to hosts.deny X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: pelle@spd.nu List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Oct 2004 09:51:16 -0000 Thanks for your reply! Does it matter where in the script I put this/these line/lines? Must it be before or after any other rule? Thanks > The firewall would be definitely a better bet than host.deny. > If you are using ipfw you can simply add a couple of deny rules like: > > ipfw add 100 deny all from 192.168.100.0/24 to me in > > Regards > S. On Mon, 11 Oct 2004 08:46:40 +0200, Pelle Andersson wrote: > > Hi! > > I have a lot of login attempts from various networks and IP addresses > on my FBSD 4.10 server. I have read the man pages for hosts.deny but > do not understand how to add networks and IP addresses to it. > > Let's say I want to block the network address 192.168.100.0 and/or the > IP address 192.168.135.77. > > What I understand is when using hosts.deny, I stopping them totally > from using any networking services, right? > > Would it be better to let the built-in firewall (/etc/rc.firewall) to > stopping them? I have the firewall activated and have changed the port > for example SSH to a higher one. > > Could someone please provide me with some examples on either using > hosts.deny or the default firewall? > > A big thanks in advance, > Best Regards Pelle > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > -- Subhro Sankha Kar School of Information Technology Block AQ-13/1 Sector V ZIP 700091 India