How Many IP Address U Blocked On IPtables

Sep 11, 2006

for about only 3 months running, my server iptables has 36 ipaddresses blocked so far (most of them are from .edu.cn and .edu.tw, dunno why? maybe because of summer break hehe..).
Those IP got blocked mostly because of SSH bruteforce. Everytime I noticed any SSH bruteforce on my /var/log/secure, I just issued "iptables -A INPUT -p all -s [ipaddress] -j DROP"

so, I'm just curious, how about yours ? how many IP in your blocked lists?

View 2 Replies


ADVERTISEMENT

Cron To Delete Ips Blocked By Csf From Iptables How

Apr 4, 2009

how can i set up a cron that will run monthly and will delete the ips blocked by csf and those logged in iptables? its like every month i want to start clean with iptables

View 2 Replies View Related

Blocked IP Address Still Getting In

Apr 9, 2008

I have blocked an IP both in host.deny AND in iptables...and the guy is still able to access my server...any suggestions or something to look for.

CentOS 4.5

View 7 Replies View Related

IP Address Blocked By Hotmail

Mar 26, 2007

One of my VPS clients has had all of the ip addresses on his server blocked/blacklisted on the hotmail service, he cannot send email to or recieve email from anyone with a hotmail email address, does anyone have any ideas on a solution, other than changing all the ip's on his vps?

View 11 Replies View Related

My Server Ip Address Is Blocked By Hotmail

Mar 15, 2008

I cannot send emails to name@hotmail.com from any of sites hosted on my server. No mass emails. no unusual activities. Even though they blocked it. I filled out their forms but they didn't remove the block.

View 11 Replies View Related

How To Find How Many IP Address Blocked In Iptable

Jul 29, 2008

how to find how many ip blocked in ip table?also tell me how clear the ip table and find what are ips blocked in ip table

View 5 Replies View Related

Trace If An Email Address Has Been Blocked By A Host?

Jan 31, 2005

Just wondering if there was a way to trace if an email has been blocked by a webhosts server.

My customer gets an automated email when he books online for Qantas Australia (Australia's biggest Airline Company). I have moved them from an Australian based web host to a US based server and host.

Since the host move, these emails no longer go through to the clients email address on the new hosts server.

I got Qantas to send the email through to me which is on a US server also but a different host to that of my client?? But they did not come through to me even.

I got Qantas to send it through to my personal email address (an Australian bigname ISP) which went through fine and I received it.

The auto generated email possibly could be coming through a 3rd party server so I was thinking maybe this server IP has been blocked for whatever reason (if 3rd party it could have been anyone) It is just strange that used to get them OK through the Australian server and still through my persoanl Australian ISP.

So is there a way to check and confirm and secondly if my suspicions are right would there be a process of trying to get the hosts to accept an email from Qantas as this customer doesnt want to have another email account.

View 10 Replies View Related

Iptables No More Than One Connection Per Ip Address?

Apr 25, 2007

I would like to setup a rule through iptables or something that will let me so, only one ip can have XX connections per minute/hour or whatever time is set.

or something that will ban ips that are opening massive connections kinda like this ...

View 14 Replies View Related

Forwarding IP Address Using Iptables

Jun 3, 2008

I'm trying to help someone with a shoutcast bandwidth server issue.

They have almost maxed out their bandwidth on one server and need the shoutcast servers on another box (but needs to maintain the same ip)

I tried this:....

View 0 Replies View Related

Plesk 12.x / Linux :: Local IP Address Blocked By Feature Fail2ban

Jul 23, 2014

There is a strange problem with the new feature fail2ban. I have noticed that a local ip address (ip address from the webserver itself) was added to the blocked ip addresses of fail2ban now for the second time. What I can see is that it was the recidive jail.

If there is nginx used as reverse proxy you get a "502 Bad Gateway". Any way to find out more about the reason why an ip address is added to the list of blocked ip addresses in fail2ban?

View 2 Replies View Related

SSH Access To My Server Only From IP Address IPtables

May 7, 2009

my question

i Have a server with centos and WHM cpanel , the last days i have read in the ssh log files (security) many failure logins from many IP adress

i read some about IPtables and everytime when i read in the log for an ip i block this Ip from IPtables , but this seems bad and boring exepiriance everyday.

so does anyone know the exact command for the IPtables , how to have access to my ssh ONLY from my ip address ?

my IP adress it is static and i want only from that ip to have access to the server and noone else from diferent ip

View 6 Replies View Related

After Flush+zero Iptables, Will A New Iptables Ban Work

Jan 5, 2008

I execute the following commands, in the following order:

iptables --flush
iptables --zero
iptables -A INPUT -s 218.65.12.161 -j DROP

will that last command successfully ban that IP until reboot?

If not, what needs to be done? I can't access my site if I don't flush + zero iptables first but I need to be able to ban with iptables.

View 2 Replies View Related

Apache :: How To Use Virtual Host IP Address In Request To Remote Address

Feb 6, 2015

My customer has an external facing Apache server that is acting as a reverse proxy to two internal applications. They have:

- external addresses for each app which resolve to different ip addresses, so app1.their_domain.com and app2.their_domain.com resolve to 77.3.170.10 and 77.3.170.11 respectively.
- the Apache server has two network interfaces with ip addresses 192.168.10.10 and 192.168.10.11
- the external ip addresses resolve to the above internal addresses
- the firewall between the Apache server and the internal app servers is configured to allow traffic from 192.168.10.10 to reach app_server1, and traffic from 192.168.10.11 to reach app_server2, both using port 7777.

I have configured a virtual host in httpd.conf for each ip, i.e.

Code:

<VirtualHost 192.168.10.10:80>
...
ProxyPass /app http://app_server1:7777/app
ProxyPassReverse /app http://app_server1:7777/app
RewriteRule ^/$ /app/app1 [R,L]
...
<VirtualHost>

and

Code:

<VirtualHost 192.168.10.11:80>
...
ProxyPass /app http://app_server2:7777/app
ProxyPassReverse /app http://app_server2:7777/app
RewriteRule ^/$ /app/app2 [R,L]
...
<VirtualHost>

This works fine in that the external address are being routed to the correct application, however the firewall is blocking requests to the second app as it appears the requests are coming from the Apache servers 'primary' ip address 192.168.10.10 instead of 192.168.10.11.

Is it possible to send requests using the ip address from the relevant VirtualHost?

Windows server 2008
Apache 2.2

View 1 Replies View Related

Virtuozzo Firewall :: Is It Possible To Enter Two Different Ip Address In Source Address?

Aug 4, 2008

I am using virtuozzo firewall to secure access.

I enter 58.27.175.211/255.255.255.0 for Source Address and Netmask for port 22.

But still I can connect using 58.181.103.217 or 58.27.151.120.

Second is it possible to enter two different ip address in source address?

View 4 Replies View Related

How Do I Setup A New Ip Address As My Server's Main Ip Address

Jul 26, 2007

I just bought a new ip address and want to setup this new ip as my server's main ip, making the 'existing main ip' as the secondary ip.

Which means, this new ip will be the server's default ip address for all services, including when connecting to other server.

I'm using CentOs 4.5 and swsoft's panels: HSPcomplete & Virtuozzo Power Panel, and Webmin.

View 1 Replies View Related

URL Redirection Without Changing The Address In The Address Bar

Nov 8, 2007

I want to redirect a website to a particular URL so that the address bar shows the same URL and not the destination URL. I know it is possible via URL masking, however, I want it in such a way that whenever somebody clicks on any link in the website, the address bar should still show the original URL. To put it in simple words, Suppose I want to redirect [url] to [url]. Now if there is a link named contact/index.htm and somebody clicks on it the address bar should display [url]and not redirect to [url]

How can it be possible using URL Rewrite method in .htaccess file?

View 2 Replies View Related

98)Address Already In Use: Make_sock: Could Not Bind To Address [::]:443

Aug 4, 2007

The problem usually goes like this:

- I can't access the webserver
- I'll try to restart httpd, and I'll get

Starting httpd: (98)Address already in use: make_sock: could not bind to address [::]:443

To fix this, I run

[root@www1 ~]# lsof -i tcp:443
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
perl 11307 apache 4u IPv6 476943447 TCP *:https (LISTEN)

There is always leftover process that is causing the restart to fail. Once i force kill the process, I am able to restart httpd properly.

Now it is ok if this just occurs once in a while, but this problem keeps repeating itself almost everyday at 4am server time (cron time?). What can I do to permanently fix this?

View 5 Replies View Related

My Ip Blocked

May 14, 2009

i have vbulletin forum with 250,000 member

i tried to send a message to them so i used this blugin

[url]

and send 200 message every 10 minute

after 4 days my ip address are blocked from yahoo server

every mail i want to send i get this message

[TS03] All messages from xx.xx.xx.xx will be permanently deferred; Retrying will NOT succeed. See [url]

View 3 Replies View Related

IP Blocked

Jan 20, 2008

All of a sudden my sites are not visible to me hosted in the same cirtex hosting account. I have verified that it wasn't spyware messing with my local computer and can view the site via a proxy. They use cpanel and there is no block visible, but there has to be something somehwere. I told them to restart and that did make the site visible until I checked in the morning, Where would a block be if this is it and is there a chance this was done by a hacker?

View 1 Replies View Related

Getting IP's Blocked By Your ISP

Dec 30, 2007

how willing your ISP/carrier is to block one or multiple IP addresses that have may have been causing issues for you such as DDoS attacks, hackings etc.

What has been your experience? Please provide as much detail on your experience as possible.

View 10 Replies View Related

Blocked By MSN

Jul 19, 2007

I am blocked by MSN. All email messages directed to any @hotmail.com address is rejected, here a typical message:

A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

name@hotmail.com
SMTP error from remote mail server after MAIL FROM:<user@mydomain.com> SIZE=1802:
host mx3.hotmail.com [65.54.244.200]: 550 Your e-mail was rejected for policy reasons on this gateway. Reasons for rejection may be related to content such as obscene language, graphics, or spam-like characteristics (or) other reputation problems.

I have never spammed nor sent similar content as that listed above.

My host provider says they are contacting MSN for an explantion, but time is running and I need to find a solution to this, because I have some customers (hosted in my server) which need to answer to @hotmailers prospects on their product/services.

View 7 Replies View Related

IP Not Being Blocked Properly

Jun 28, 2009

I need to block a specific IP:
93.6.224.242

It adds fine when I do:
iptables -A INPUT -s 93.6.224.242 -j DROP

However, the IP is still accessing files and pages on the site according to Apache:

When I ban other IP's they are blocked from accessing anything on the server (e.g. it wouldn't even reach Apache level because of firewall), but this IP just isn't banning properly.

View 11 Replies View Related

Blocked Range Ips Through Apf - How To

Nov 5, 2009

am using APF firewall and am getting ddos from these range ips

4.68.25.*

8.0.4.*

8.0.5.*

how could i delete all the range from these ip's?

View 4 Replies View Related

Emails Blocked From ISP

Oct 13, 2009

I have recently switched to GreenGeeks, great company and great support, but I am having a huge problem that all my clients and I are having problems with. No one can send emails to ATT, Verizon, Earthlink, Comcast, Etc. because they bounce back as being blocked. I have contacted them to unblock the IP and they do, but then a few days pass and it's blocked again. WTH? I've contacted GreenGeeks and they are aware of the problem but I really need to move on with this problem, does anyone know of any solution to do?

Example: ....

View 14 Replies View Related

Blocked IP By Spamhaus

Jul 8, 2009

We just got a new windows server and didnt put an antivirus or configure windows firewall, while setting up for the 1st two months.

our IP address has been blocked twice now by this company, on saturday, released on monday and blocked again on tuesday.

[url]

we applied to have it removed which they did and blocked it again, they claim we were spamming, which we never did

We have installed mcafee and setup windows firewall.

View 7 Replies View Related

Blocked By Gmail

Feb 3, 2009

One of my clients ran an e-mail bomber and gmail is blocking all emails from my server. I've searched but can't find a way to reach google or unblock the IP.

View 6 Replies View Related

Blocked Using 88.blacklist.zap

May 25, 2009

I have exim mailserver (cpanel based),and when i send mails to some domains i have got the following error

550 Service unavailable; Client host [xxx.xxx.xxx.xxx] blocked using 88.blacklist.zap; Mail From IP Banned To request removal from this list please forward this message to delist@frontbridge.com

How can i solve this issue ? How can i avoid my IP from listing in 88.blacklist.zap?

View 1 Replies View Related

SYNFLOOD Blocked

Feb 20, 2008

Recently switched firewalls from APF and CSF, and so far couldn't be happier! But I do have some questions on SYNFLOOD_RATE within CSF.

Currently have a setting for "40/s" and I am still getting many messages in /var/log/messages with *SYNFLOOD Blocked*.

If I enable Synflood checking, the load on the server increases, but the bandwidth usage decreases. But I'm wondering if 'good' visitors are getting turned away?

Is the setting meaning block above 40/s per IP?

Or simply block above 40/s?

Also, does the firewall simply drop the packets above 40?

And is the IP Blocked?

View 8 Replies View Related

Port 110 Blocked

Nov 16, 2008

They started blocking my Port 25, so I made an iptables entry on my server to redirect posrt 26 to port 25 so I could set my outgoing mail for my server (from Outlook) to port 26. But one day later teh bastards are blocking my port 26 too! Guess they just don't want ANY outbound mail send from anything but their servers! If I had any other option, I'd dump Comcast in a heartbeat!

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved