Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: jumba on August 18, 2008, 10:36:53 AM

Title: How to DenyHosts for UDP???
Post by: jumba on August 18, 2008, 10:36:53 AM
Hello all!

I'm familiar with the excellent commands
Code:
db configuration setprop httpd-e-smith DenyHosts aaa.bbb.ccc.ddd
signal-event remoteaccess-update

and use them when needed.

AFAIK the above blocks http access from aaa.bbb.ccc.ddd, but now I would like to block UDP as well from certain IP numbers.

Is that possible, and if so how should I do that?

Cheers!

Title: Re: How to DenyHosts for UDP???
Post by: CharlieBrady on August 18, 2008, 04:05:55 PM
> ... but now I would like to block UDP as well from certain IP numbers.

UDP is already blocked from all addresses, except for return traffic for outgoing UDP streams (e.g. DNS lookups).

What problem are you trying to solve?
Title: Re: How to DenyHosts for UDP???
Post by: jumba on August 18, 2008, 04:40:38 PM
> UDP is already blocked from all addresses, except for return traffic for outgoing UDP streams (e.g. DNS lookups).
>
> What problem are you trying to solve?

Well, I would like to make life harder for port scanners like this one:

Code:
From aaa.bbb.ccc.ddd - 42 packets to udp(2094,2607,6464,6716,13879,15418,17784,18378,19606,19931,20047,22464,22860,25115,26076,27099,30290,34381,41625,43766,44206,44392,45212,45419,45919,48592,50185,50761,52932,53362,53646,55420,55640,56308,56361,58350,61255,61562,62058,62302,63272,64336)
But maybe that doesn't make sense since they don't get any valuable information anyway?
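
Added example, not part of the original posts: a small parser for report lines in the format quoted above that lists sources touching many distinct ports, for triaging such summaries. The sample lines are constructed (documentation-range addresses), and the `min_ports` threshold and the multi-protocol `tcp(...) udp(...)` form are assumptions.

```python
import re

# Constructed sample lines in the summary format quoted in the post above.
# Addresses are documentation-range placeholders, not real hosts.
SAMPLE = """\
From 192.0.2.10 - 42 packets to udp(2094,2607,6464,6716,13879)
From 198.51.100.7 - 3 packets to udp(53)
From 203.0.113.5 - 12 packets to tcp(22,23,80,443,3389,8080) udp(161)
"""

# "From <src> - <n> packets to <proto>(<port>,<port>,...) [...]"
LINE_RE = re.compile(r"^\s*From (\S+) - (\d+) packets? to (.+)$")
PROTO_RE = re.compile(r"(\w+)\(([\d,]+)\)")


def parse_line(line):
    """Return {'src', 'packets', 'ports'} for one summary line, or None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ports = {}
    for proto, plist in PROTO_RE.findall(m.group(3)):
        # De-duplicate and sort so repeated ports count once.
        ports[proto] = sorted({int(p) for p in plist.split(",") if p})
    return {"src": m.group(1), "packets": int(m.group(2)), "ports": ports}


def likely_scanners(text, min_ports=5):
    """List (source, distinct_port_count) for sources at or above min_ports.

    min_ports is an assumed threshold; tune it to the noise level of the
    report being reviewed.
    """
    hits = []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip headers, blank lines and anything unparseable
        distinct = sum(len(v) for v in rec["ports"].values())
        if distinct >= min_ports:
            hits.append((rec["src"], distinct))
    return hits


if __name__ == "__main__":
    for src, count in likely_scanners(SAMPLE):
        print(f"{src}: {count} distinct ports probed")
```
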
Title: Re: How to DenyHosts for UDP???
Post by: CharlieBrady on August 18, 2008, 05:02:26 PM
> Well, I would like to make life harder for port scanners like this one:

Unsolicited UDP is already ignored (except possibly logged, depending on configuration).

It is the running of vulnerable services which is harmful, not responding or not responding to port scanning.
Title: Re: How to DenyHosts for UDP???
Post by: jumba on August 18, 2008, 05:08:48 PM
OK, thanks for your answer. I'll sleep more comfortably tonight :lol: :lol: