Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 17th August 2009, 21:53
rlischer rlischer is offline
Senior Member
 
Join Date: Jul 2009
Posts: 121
Thanks: 6
Thanked 1 Time in 1 Post
Default need to ban repeat ftp attacks from an IP

fail2ban is emailing me every 10 minutes about the same ip it keeps banning for pureftp attacks. Can I ban this IP forever somewhere?



Thanks
Reply With Quote
Sponsored Links
  #2  
Old 18th August 2009, 11:52
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,368
Thanks: 833
Thanked 5,477 Times in 4,313 Posts
Default

Use e.g. this command:

/sbin/route add -host 123.123.123.123 reject
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 18th August 2009, 12:57
rlischer rlischer is offline
Senior Member
 
Join Date: Jul 2009
Posts: 121
Thanks: 6
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by till View Post
Use e.g. this command:

/sbin/route add -host 123.123.123.123 reject
Thanks till
Reply With Quote
  #4  
Old 19th August 2009, 10:45
lano lano is offline
Member
 
Join Date: May 2007
Posts: 94
Thanks: 10
Thanked 8 Times in 7 Posts
Default

Quote:
Originally Posted by rlischer View Post
fail2ban is emailing me every 10 minutes about the same ip it keeps banning for pureftp attacks. Can I ban this IP forever somewhere?



Thanks
Or you can put ban in iptables for specific service.
Here is how I do it:
Code:
iptables -I INPUT -p tcp -s 123.456.789.234 --dport ftp -j REJECT --reject-with tcp-reset
Reply With Quote
The Following User Says Thank You to lano For This Useful Post:
faeroe (8th November 2009)
  #5  
Old 19th August 2009, 13:12
rlischer rlischer is offline
Senior Member
 
Join Date: Jul 2009
Posts: 121
Thanks: 6
Thanked 1 Time in 1 Post
 
Default

Quote:
Originally Posted by lano View Post
Or you can put ban in iptables for specific service.
Here is how I do it:
Code:
iptables -I INPUT -p tcp -s 123.456.789.234 --dport ftp -j REJECT --reject-with tcp-reset
Thanks! My attacks have really died down since fail2ban started working.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Troubleshooting FTP bswinnerton Installation/Configuration 4 10th October 2008 19:34
proFTPd passive mode problems bisbell Server Operation 8 6th August 2008 21:12
Question about Virtual Hosting With Proftpd And MySQL (Incl. Quota) On Debian Etch ikkem HOWTO-Related Questions 30 26th February 2008 19:38
FTP Error joshabts Installation/Configuration 3 4th November 2006 16:19
Website users? ctroyp General 25 6th January 2006 18:02


All times are GMT +2. The time now is 07:13.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.