Anyone know a way to do this? I thought I found a place a while ago but didn't bookmark it and can't find it again. I have an attacker from Saudi Arabia trying to get into an FTP server and want to block as much of that country as I can at the moment.
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Listing ISP Subnet(s)
- Thread starter Wolf-R1
- Start date
you mean something like this?
http://www.countryipblocks.net/
'attackers' try to get into FTP servers all the time. i have dozens of chinese IPs scanning mine daily, trying to log in as administrator and brute forcing the password. these are just programs that scan the internet looking for a connection on port 21, not someone actually sitting there trying to hack you specifically (usually, anyway). as long as you dont have the admin account protected by the password "password", and set a rule to ban the IP after x failed login attempts, there should be little to worry about.
http://www.countryipblocks.net/
'attackers' try to get into FTP servers all the time. i have dozens of chinese IPs scanning mine daily, trying to log in as administrator and brute forcing the password. these are just programs that scan the internet looking for a connection on port 21, not someone actually sitting there trying to hack you specifically (usually, anyway). as long as you dont have the admin account protected by the password "password", and set a rule to ban the IP after x failed login attempts, there should be little to worry about.
Hey that helps, thanks! I also found this:
www.robtex.com
Kind of pulls everything together into one tool instead of using all my other resources individually.
Also thanks for the advice but I was aware of the fact that it's probably automated. Still, when I see them come in like that I like to block access since most places that attack us have no need for access. So it can't hurt to disallow them one layer up.
www.robtex.com
Kind of pulls everything together into one tool instead of using all my other resources individually.
Also thanks for the advice but I was aware of the fact that it's probably automated. Still, when I see them come in like that I like to block access since most places that attack us have no need for access. So it can't hurt to disallow them one layer up.
I use the DROP list from spamhaus as well; http://www.spamhaus.org/drop/