Jump to content
When you buy through links on our site, we may earn an affiliate commission.
  • Current Donation Goals

FreeBSD Security Question


freddy333

Recommended Posts

This is for those who're FreeBSD Unix system admins:
Is there a way to drop/disconnected an IP addresss on-the-fly?

 

I've got an old server running FreeBSD 4.11, which, for a variety of reasons, cannot be upgraded to current kernel (long story). So, we're stuck dealing with it as-is. The server's been running without incident for ~18 years and has never suffered a breach or internal security issue. Trouble-makers are routinely added to our ipf firewall's deny list, which does a good job of keeping them away. However, this one (46.229.168... Advanced Hosters of Netherlands), although blocked at the firewall, is constantly banging on the site (currently pinging 40+ ports with variations of the core IP (e.g., 46.229.168.74, 46.229.168.72, 46.229.168.68, et al) and they're beginning to bog-down our connection.

 

Another server's running BSD 6.x, with tcpdrop, which makes dropping offending IPs like AH easy. But, unfortunately, the BSD 4.11 doesn't include tcpdrop, so I'm looking to find an alternative way of dropping IP connections.

 

Anyone?

  • Like 1
Link to comment
Share on other sites

This is for those who're FreeBSD Unix system admins:
Is there a way to drop/disconnected an IP addresss on-the-fly?
 
I've got an old server running FreeBSD 4.11, which, for a variety of reasons, cannot be upgraded to current kernel (long story). So, we're stuck dealing with it as-is. The server's been running without incident for ~18 years and has never suffered a breach or internal security issue. Trouble-makers are routinely added to our ipf firewall's deny list, which does a good job of keeping them away. However, this one (46.229.168... Advanced Hosters of Netherlands), although blocked at the firewall, is constantly banging on the site (currently pinging 40+ ports with variations of the core IP (e.g., 46.229.168.74, 46.229.168.72, 46.229.168.68, et al) and they're beginning to bog-down our connection.
 
Another server's running BSD 6.x, with tcpdrop, which makes dropping offending IPs like AH easy. But, unfortunately, the BSD 4.11 doesn't include tcpdrop, so I'm looking to find an alternative way of dropping IP connections.
 
Anyone?

I know a guy in NASA that talks like you ??

Sent from my SM-G935F using Tapatalk

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...
Please Sign In or Sign Up