Personally ive found this to be of great help while dealing with ddos attackers or just someone that i need to kick out completely from a server i manage.
As a webhosting company owner / administrator this is a saver and sometimes saves you time of going directly into the firewall and block someone.
This is done by adding the following line to the /etc/sysconfig/static-routes file:
any host 111.111.111.111 reject (being 111.111.111.111 the ip address to block)
When you perform a "route -n" you will see this IP with "-" as it's gateway. This will cause your server to drop all response traffic to this IP.
Destination Gateway Genmask Flags Metric Ref Use Iface
111.111.111.111 - 255.255.255.255 !H 0 - 0 -
If you wish to un-blacklist this IP in the future simply remove the aforementioned line from the static-routes file and restart the "network" service os the server.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment