Home page logo
/

basics logo Security Basics mailing list archives

blocking multiple hosts at once (hosts from an apache log)
From: Emmanuel Oga <emmanueloga () gmail com>
Date: Sun, 6 Dec 2009 04:27:34 -0300

I have a problem I don't even know how to google for with the proper terms.

I'm using a VPS to host some http pages, my bandwith per month is
fixed at about 2gb total.

I leaved apache running, without anything but the hello world page,
for about 15 days.

When I came back, I learned 1.5GB or so of my bandwith was drained by
requests from a lot of different hosts (most of them from china).

All the bandwith was sucked by serving 404 pages, and this was only
from the apache log, I'm not sure about the connections to other ports

My question is, how can I block these and other potential sources of
"bad traffic" ?  (or even all connections from china) Is there any
tool to automate this? Which firewall should I be using on my server?

Googling around I found these dnsbl black lists, these are supposed to
be for spam filtering, but would it make sense to use them to block
hosts trying to connect to my server?

Thanks

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault