[arm-allstar] Script to ban IP
Rachid Karroo
rkarroo at gmail.com
Sun Jun 30 22:23:00 EDT 2019
Doug, thank you for replying. The Port is 80 (http). I have Supermon
running but not towards the outside world since no public IP or Dyndns
defined. Obviously he was scanning and saw the Port 80 open. I am sure he
will come back again.
He tried a few times and using different approach. According to the IP
lookup , it is from Hong Kong. Below is an extract of the access log.
I will look whether it is possible to block at router level. I will also
have a look from the Linux command provided by K1bdx in a separate reply.
73s
Rachid
3B8FP
119.247.137.168 - - [30/Jun/2019:08:35:46 +0400] "GET
/phpmyadmin2011/index.php?lang=en HTTP/1.1" 404 989
119.247.137.168 - - [30/Jun/2019:08:35:46 +0400] "GET
/phpmyadmin2012/index.php?lang=en HTTP/1.1" 404 989
119.247.137.168 - - [30/Jun/2019:08:35:47 +0400] "GET
/phpmyadmin2013/index.php?lang=en HTTP/1.1" 404 989
119.247.137.168 - - [30/Jun/2019:08:35:47 +0400] "GET
/phpmyadmin2014/index.php?lang=en HTTP/1.1" 404 989
119.247.137.168 - - [30/Jun/2019:08:35:48 +0400] "GET
/phpmyadmin2015/index.php?lang=en HTTP/1.1" 404 989
119.247.137.168 - - [30/Jun/2019:08:35:49 +0400] "GET
/phpmyadmin2016/index.php?lang=en HTTP/1.1" 404 989
119.247.137.168 - - [30/Jun/2019:08:35:49 +0400] "GET
/phpmyadmin2017/index.php?lang=en HTTP/1.1" 404 989
119.247.137.168 - - [30/Jun/2019:08:35:50 +0400] "GET
/phpmyadmin2018/index.php?lang=en HTTP/1.1" 404 989
119.247.137.168 - - [30/Jun/2019:08:35:50 +0400] "GET
/phpmyadmin2019/index.php?lang=en HTTP/1.1" 404 989
On Sun, Jun 30, 2019 at 11:49 PM "Doug Crompton via ARM-allstar" <
arm-allstar at hamvoip.org> wrote:
> Rahcid,
>
> What is the IP address accessing? What port? Are you using a router ahead
> of your LAN? The best place to block an IP is in your router if it has a
> way to do that, most do. A router would normally block most all incoming
> ports unless you port froward them. Is the IP on a port you allow through?
>
> If it is a specific Allstar node you can block that in Supermon using the
> restrict button. You can block an IP address in your hamvoip server using
> this method -
>
> https://www.cyberciti.biz/faq/how-do-i-block-an-ip-on-my-linux-server/
>
>
> *73 Doug*
>
> *WA3DSP*
>
> *http://www.crompton.com/hamradio <http://www.crompton.com/hamradio>*
>
>
> On Sun, Jun 30, 2019 at 2:52 PM "Rachid Karroo via ARM-allstar" <
> arm-allstar at hamvoip.org> wrote:
>
> > Dear all
> >
> > Is there a script that I could insert into my Hamvoip/Supermon on my PI
> to
> > block an IP access?
> > Checking my web access log, I saw an IP (reported as abuse) trying to get
> > into here.
> >
> > Thanks
> > 73s
> > Rachid
> > 3B8FP
> > _______________________________________________
> >
> > ARM-allstar mailing list
> > ARM-allstar at hamvoip.org
> > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> >
> > Visit the BBB and RPi2/3 web page - http://hamvoip.org
> >
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3 web page - http://hamvoip.org
>
More information about the ARM-allstar
mailing list