1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Any linux firewall that can do auto temp IP bans?

Discussion in 'Security' started by LittlBUGer, Jul 30, 2007.

  1. #1
    Hello. Does anyone know of any linux firewall (free or not) or any similar program that can do automatic (say if there's too many connections from an IP) temporary IP bans, for a certain amount of time (like 1 hour)? The reason I can't have permanent bans and just use any firewall is because for some reason my friends end up on the list even though they didn't abuse anything. Thanks.
    SEMrush
     
    LittlBUGer, Jul 30, 2007 IP
    SEMrush
  2. rootbinbash

    rootbinbash Peon

    Messages:
    2,199
    Likes Received:
    88
    Best Answers:
    0
    Trophy Points:
    0
    #2
    snort.And here are some other softwares.apf also can auto ban(apf is better for your situation, snort needs a lot of experience and rules).But the question is what are you trying to fix?If you are going to ban them because of syn attacks, without snort you can't handle them.Apache will keep heavy load etc.
     
    rootbinbash, Jul 30, 2007 IP
  3. gslboy

    gslboy Peon

    Messages:
    5
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    The problem with this kind of a IP ban is that you can end up with blocking legitimate traffic as well so you have to be careful. we use iptable firewall on Linux environment we had the same problem what you have , what we done is configured an alert on such situation and block it manually.
    If you are using Apache check mod-evasive module which has some sort of your requirement.
     
    gslboy, Jul 30, 2007 IP
  4. LittlBUGer

    LittlBUGer Peon

    Messages:
    306
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #4
    Thank you for the info. I will look into snort, but otherwise, I'll probably just have to set up a more elaborate alerting system and do things manually. That's such a pain in the butt, but if that's all that can be done, then oh well. :)
     
    LittlBUGer, Jul 31, 2007 IP
  5. inworx

    inworx Peon

    Messages:
    4,862
    Likes Received:
    201
    Best Answers:
    0
    Trophy Points:
    0
    #5
    IPtables does that.

    Download configserver firewall for temporary and automatic bans or similar.
     
    inworx, Aug 5, 2007 IP
  6. LittlBUGer

    LittlBUGer Peon

    Messages:
    306
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #6
    Ahh Yes, I remember that one now. Thank you! :)
     
    LittlBUGer, Aug 5, 2007 IP