SUBSIM Radio Room Forums

SUBSIM Radio Room Forums (https://www.subsim.com/radioroom/index.php)
-   PC Hardware/Software forum (https://www.subsim.com/radioroom/forumdisplay.php?f=235)
-   -   Anyone good with blocking IP's on a server? (https://www.subsim.com/radioroom/showthread.php?t=152377)

Monica Lewinsky 06-02-09 09:33 PM
Anyone good with blocking IP's on a server?
 
Have my own home server based on Windows Small Business Server 2003 called Windows Home Server.

Geting whacked every 3-4 hours from b.s. client[s] connections in China trying to automatically hack into it looking for old versions of email hosting that I don't even have installed.

Got their IP's blocked with with IIS [Internet Information Services Manger], just tired of seeing the main reports of people accessing my server are hackers. Other than buying a Sonic Wall device got any ideas what to try instead of spending $400 bucks for a hardware solution?

SUBMAN1 06-02-09 09:48 PM
Quote:
Originally Posted by Monica Lewinsky (Post 1111261)
Have my own home server based on Windows Small Business Server 2003 called Windows Home Server.

Geting whacked every 3-4 hours from b.s. client[s] connections in China trying to automatically hack into it looking for old versions of email hosting that I don't even have installed.

Got their IP's blocked with with IIS [Internet Information Services Manger], just tired of seeing the main reports of people accessing my server are hackers. Other than buying a Sonic Wall device got any ideas what to try instead of spending $400 bucks for a hardware solution?
That's normal. Not a big deal. You will never stop it.

Of course, you can always limit what IP ranges people can see your server from, but this will only stop 50% of the China guys. They will just bounce off some local machine to get to you.

The point being is, quit worrying about it.

-S

PS. And make sure you always patch! :yep:

CaptainHaplo 06-03-09 06:19 PM
Lots of options here. The cheapest is if you have a old desktop lying around. Build a linux kernel to have the thing run as a router with a decent IOS, and just set up your access list. If its spare box, the OS won't cost you a dime, so its free. Can't get a better price.

Second option, set up a software firewall. There is a cost for commercial good ones.

Depends on the usage your looking at - it may be best to get a real router with IOS firewall - and if your looking at lots or traffic and critical data - don't skimp and pony up for a true cisco. Their license costs for IOS are excellent - I think my last IOS update was like 6 bucks a router.

Now Subman is right, if your on the net you can use Best Practices, but there is never a guarantee.

However, if you know what the majority are looking for...... set up a honeypot and steer them to that. This way, you can track em, watch em, learn from em even, all the while they never touch the real part of your network.

I love honeypots. I use one pretty much on a consistent basis and have honestly learned ALOT about security because of them.

SUBMAN1 06-03-09 08:55 PM
In response to Captain Haplo's idea - m0n0wall. Its a professional solution. Enough said.

Won't help you though. I spent years tracking and blocking and they have so many zombie machines, you cannot stop them.

What exactly are they attacking is a better question? If its your website, forget about it. You can't do a thing.

-S

Monica Lewinsky 06-24-09 09:36 PM
Quote:
Originally Posted by SUBMAN1 (Post 1111879)
What exactly are they attacking is a better question? If its your website, forget about it. You can't do a thing.
-S
Kinda disappointing to see the fifth place user being a Chinese bot sniffer to my site.

I understand your point[s]. THX guys.


All times are GMT -5. The time now is 08:50 PM.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Copyright © 1995- 2025 Subsim®
"Subsim" is a registered trademark, all rights reserved.