IP Address blocking

Chris Ruprecht chrisr at ruprecht.org
Thu Jan 6 02:53:27 UTC 2005


Hello all,

I have looked through the list archives and read the replies other have
made about the issue - but nothing seems to fix the problem.

Every other morning, I read the system logs from the day before and
there are a number of break in attempts (usually 59) to root and a few
to a slew to other accounts.
I would like to know if there is any program in existence that detects
these attempts and blocks the IP address from sending anything my way
ever again.
I currently have 'minimum' security. I have a router set up with NAT
translation of a few ports pointing to the server box (FC2). Most of the
usual suspects (telnet, ftpP are pointing to non-existing machines.
On the server, I have the firewall switched of as I do not have a clear
understanding how to configure it properly and I just hate to find
myself in a situation where I'm not at home and can't log in ;-).

If somebody could point me to some documents that describe in simple
terms, how to configure the firewall properly, I'd appreciate it.

I have looked at firestarter and yes, it works - it either blocks
traffic or it lets traffic in - but it looks a little too primitive for
a production server. 

Thanks,
Chris
-- 
Don't ask me nothin' about nothin' - I might just tell you the
truth ... 
                                         Bob Dylan




More information about the fedora-list mailing list