From owner-freebsd-questions@FreeBSD.ORG Sat Mar 5 02:25:36 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B7B531065672 for ; Sat, 5 Mar 2011 02:25:36 +0000 (UTC) (envelope-from Ggatten@waddell.com) Received: from mailhost0.waddell.com (mailhost0.waddell.com [67.130.252.61]) by mx1.freebsd.org (Postfix) with ESMTP id 83E5A8FC17 for ; Sat, 5 Mar 2011 02:25:36 +0000 (UTC) Received: from mailhost3.waddell.com (mailhost3.waddell.com [10.1.10.28]) by mailhost0.waddell.com (Postfix) with ESMTP id E74C8508DF; Fri, 4 Mar 2011 20:25:35 -0600 (CST) Received: from mailhost3.waddell.com (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id E2A843C338; Fri, 4 Mar 2011 20:25:35 -0600 (CST) Received: from ADVPHTCAS0.wradvisors.com (advphtcas0.wradvisors.com [192.168.203.228]) by mailhost3.waddell.com (Postfix) with ESMTP id D77163C31E; Fri, 4 Mar 2011 20:25:35 -0600 (CST) Received: from WADPMBXV0.waddell.com ([169.254.1.145]) by ADVPHTCAS0.wradvisors.com ([192.168.203.228]) with mapi; Fri, 4 Mar 2011 20:25:35 -0600 From: Gary Gatten To: "'jbiquez@intranet.com.mx'" , "'freebsd-questions@freebsd.org'" Date: Fri, 4 Mar 2011 20:25:34 -0600 Thread-Topic: Simplest way to deny access to a class C Thread-Index: Acva2iMXufEBjnlQQNKzbFdweUfXHQAAnhpR Message-ID: <27487_1299291935_4D719F1F_27487_5208_1_D9B37353831173459FDAA836D3B43499BD354A56@WADPMBXV0.waddell.com> In-Reply-To: <3382135692-764986037@intranet.com.mx> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: Subject: Re: Simplest way to deny access to a class C X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Mar 2011 02:25:36 -0000 Null (bogus) route that /24 seems the most simple to me: 5 seconds and no u= pgrades or add ons. ----- Original Message ----- From: Jorge Biquez [mailto:jbiquez@intranet.com.mx] Sent: Friday, March 04, 2011 08:07 PM To: freebsd-questions@freebsd.org Subject: Re: Simplest way to deny access to a class C > >I wonder why nobodies mentioned a quite simple method with tcpwrappers and >hosts.allow / hosts.deny also Hello. I guess something simple could work.... For some reason, don ask me=20 why becasue I did not find why, the: Order Deny, Allow Deny IP Allow all under httpd.conf and outsite as .htaccess does not work but for now=20 teh thing is simple, to block a class C, those guys are stupiod and=20 programmed bad an application (I guess) and are pointing to one of my=20 domains... since 4 weeks ago I am receiving this kind of access: 189.254.19.93 - - [04/Mar/2011:19:43:48 -0600] "OPTIONS / HTTP/1.1"=20 200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600" 189.254.19.93 - - [04/Mar/2011:19:43:48 -0600] "PROPFIND=20 /Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600" 189.254.19.93 - - [04/Mar/2011:19:43:48 -0600] "PROPFIND=20 /Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2= 600" 189.254.19.93 - - [04/Mar/2011:19:44:13 -0600] "OPTIONS / HTTP/1.1"=20 200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600" 189.254.19.93 - - [04/Mar/2011:19:44:13 -0600] "PROPFIND=20 /Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600" 189.254.19.93 - - [04/Mar/2011:19:44:13 -0600] "PROPFIND=20 /Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2= 600" 189.254.19.93 - - [04/Mar/2011:19:44:19 -0600] "OPTIONS / HTTP/1.1"=20 200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600" 189.254.19.93 - - [04/Mar/2011:19:44:19 -0600] "PROPFIND=20 /Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600" 189.254.19.93 - - [04/Mar/2011:19:44:19 -0600] "PROPFIND=20 /Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2= 600" 189.254.19.93 - - [04/Mar/2011:19:44:34 -0600] "OPTIONS / HTTP/1.1"=20 200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600" 189.254.19.93 - - [04/Mar/2011:19:44:34 -0600] "PROPFIND=20 /Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600" 189.254.19.93 - - [04/Mar/2011:19:44:34 -0600] "PROPFIND=20 /Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2= 600" 189.254.19.93 - - [04/Mar/2011:19:45:06 -0600] "OPTIONS / HTTP/1.1"=20 200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600" 189.254.19.93 - - [04/Mar/2011:19:45:06 -0600] "PROPFIND=20 /Backup-usuarios HTTP/1.1" 301 323 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600" 189.254.19.93 - - [04/Mar/2011:19:45:06 -0600] "PROPFIND=20 /Backup-usuarios/ HTTP/1.1" 200 40833 "-" "Microsoft-WebDAV-MiniRedir/5.1.2= 600" They change IP's , from the same Class C. No trying to do anything=20 else, hack or send email.... So I decided to block the Class C. I guess that with the deny, allow=20 directives under Apache would be enough but they do not work. I am=20 under Apache 1.3x and all works fine but that directives do not. I=20 tried , read and not be able to make them work so that's why I=20 decided to block them and block others, those yes are trying to hack,=20 the simplest way..... anyway.... I will see if the: >hosts.allow / hosts.deny would help. If needed I would upgrade to latest version of FreeBSD=20 Apache or whatever needed. Even when they do not do anything my=20 server, a 386 that has been running Freebsd the last 13 years since=20 Freebsd 3.x is supporting this extra load and besides they are=20 wasting my bandwidth. I can not do anything and no problem but I'd=20 like to solve this and continue learning Freebsd. Thanks for your time. Jorge Biquez _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
"This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system."