From owner-freebsd-questions@FreeBSD.ORG  Sat Mar  5 02:07:34 2011
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4B89A106564A
	for <freebsd-questions@freebsd.org>;
	Sat,  5 Mar 2011 02:07:34 +0000 (UTC)
	(envelope-from jbiquez@intranet.com.mx)
Received: from intranet.com.mx (intranet.com.mx [200.33.246.7])
	by mx1.freebsd.org (Postfix) with ESMTP id F0FE28FC16
	for <freebsd-questions@freebsd.org>;
	Sat,  5 Mar 2011 02:07:33 +0000 (UTC)
Received: from PC2.intranet.com.mx (189.241.44.64) by intranet.com.mx with
	ESMTP (EIMS X 3.3.9) for <freebsd-questions@freebsd.org>;
	Fri, 4 Mar 2011 20:08:10 -0600
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Fri, 04 Mar 2011 20:07:27 -0600
To: freebsd-questions@freebsd.org
From: Jorge Biquez <jbiquez@intranet.com.mx>
In-Reply-To: <AANLkTi=UVGXoRg310mZMa-kU3gVThPzXxOTz-RhBfdes@mail.gmail.c
 om>
References: <3382016411-764985335@intranet.com.mx>
	<AANLkTi=Fb_CiA76g79ZkP8o_yWsQcN6iuPD7w=dBxztQ@mail.gmail.com>
	<11805_1299196962_4D702C22_11805_70_1_D9B37353831173459FDAA836D3B43499BD354A48@WADPMBXV0.waddell.com>
	<AANLkTi=619ih7aP8ic_rTqFWVmk_P2Zrob=XJUsvLfHL@mail.gmail.com>
	<AANLkTi=UVGXoRg310mZMa-kU3gVThPzXxOTz-RhBfdes@mail.gmail.com>
Mime-Version: 1.0
Message-ID: <3382135692-764986037@intranet.com.mx>
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: Re: Simplest way to deny access to a class C
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Mar 2011 02:07:34 -0000


>
>I wonder why nobodies mentioned a quite simple method with tcpwrappers and
>hosts.allow / hosts.deny also

Hello.

I guess something simple could work.... For some reason, don ask me 
why becasue I did not find why, the:

Order Deny, Allow
Deny IP
Allow all

under httpd.conf and outsite as .htaccess does not work but for now 
teh thing is simple, to block a class C, those guys are stupiod and 
programmed bad an application (I guess) and are pointing to one of my 
domains... since 4 weeks ago I am receiving this kind of access:

189.254.19.93 - - [04/Mar/2011:19:43:48 -0600] "OPTIONS / HTTP/1.1" 
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:43:48 -0600] "PROPFIND 
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:43:48 -0600] "PROPFIND 
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:13 -0600] "OPTIONS / HTTP/1.1" 
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:13 -0600] "PROPFIND 
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:13 -0600] "PROPFIND 
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:19 -0600] "OPTIONS / HTTP/1.1" 
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:19 -0600] "PROPFIND 
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:19 -0600] "PROPFIND 
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:34 -0600] "OPTIONS / HTTP/1.1" 
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:34 -0600] "PROPFIND 
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:44:34 -0600] "PROPFIND 
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:45:06 -0600] "OPTIONS / HTTP/1.1" 
200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:45:06 -0600] "PROPFIND 
/Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
189.254.19.93 - - [04/Mar/2011:19:45:06 -0600] "PROPFIND 
/Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"

They change IP's , from the same Class C. No trying to do anything 
else, hack or send email....
So I decided to block the Class C. I guess that with the deny, allow 
directives under Apache would be enough but they do not work. I am 
under Apache 1.3x and all works fine but that directives do not. I 
tried , read and not be able to make them work so that's why I 
decided to block them and block others, those yes are trying to hack, 
the simplest way..... anyway.... I will see if the:

>hosts.allow / hosts.deny

would help.  If needed I would upgrade to latest version of FreeBSD 
Apache or whatever needed. Even when they do not do anything my 
server, a 386 that has been running Freebsd the last 13 years since 
Freebsd 3.x is supporting this extra load and besides they are 
wasting my bandwidth. I can not do anything and no problem but I'd 
like to solve this and continue learning Freebsd.

Thanks for your time.

Jorge Biquez