Digital Paint Discussion Board

Digital Paint Community => Other Stuff => Topic started by: jitspoe on May 18, 2007, 10:33:38 PM

Title: Linux: Blacklisting IP's
Post by: jitspoe on May 18, 2007, 10:33:38 PM

Looging at the apache error log, I'm seeing some things like:
[Fri May 18 21:12:12 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/phpmyadmin[Fri May 18 21:12:12 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/phpmyadmin
[Fri May 18 21:12:12 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/phpMyAdmin[Fri May 18 21:12:12 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/phpMyAdmin
[Fri May 18 21:12:12 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/db[Fri May 18 21:12:12 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/db
[Fri May 18 21:12:13 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/web[Fri May 18 21:12:13 2007] [error] [client 212.187.65.151] File does not exist: /var/www/html/web


Obviously some bot trying to find vulnerable phpMyAdmin installations and whatnot.  I think I should probably just blacklist ip's like that.  What's the best way to go about that?

Title: Re: Linux: Blacklisting IP's
Post by: TinMan on May 18, 2007, 10:44:43 PM

iptables or netfilter I'm thinking.

Title: Re: Linux: Blacklisting IP's
Post by: KnacK on May 19, 2007, 08:45:07 AM

iptables on the front end so that the bot wont even realise that the server exists.
You might want to review this page (http://www.iptablesrocks.org/) for reference.

Title: Re: Linux: Blacklisting IP's
Post by: jitspoe on May 21, 2007, 11:56:07 AM

Oy, all that just to block some ip's?  This is why I don't like Linux. :P

Thanks for the link, though.