how to block one ip to my ftp server

Dear all,

Recently, I found that one ip enter to my ftp server, and want to block it.
How do I do? thanks

Simon

On Thu, 24 Jun 2004 09:04:33 +0800, Simon Lee wrote:

> Dear all,
>
> Recently, I found that one ip enter to my ftp server, and want to block it.
> How do I do? thanks
>
> Simon

I believe the most straight forward approach is to drop all packets sent
to port 21 from the offending IP address in your system's
firewall. This will leave everything else exactly as it was and will
only block FTP connections from that IP address.

On Thu, 24 Jun 2004 09:04:33 +0800, Simon Lee wrote:

> Dear all,
>
> Recently, I found that one ip enter to my ftp server, and want to block
> it. How do I do? thanks
>

You could specify any particular hosts in you
access control files, /etc/hosts.deny . or just
drop the ftp packets coming from that ip in your
firewall.


--
Pat S. Tongco
stderr(Cagayan de Oro)

Dako Oten <Dako_Oten@filipines_islands.org> wrote:
> On Thu, 24 Jun 2004 09:04:33 +0800, Simon Lee wrote:
>> Recently, I found that one ip enter to my ftp server, and want to block
>> it. How do I do? thanks
>
> You could specify any particular hosts in you
> access control files, /etc/hosts.deny . or just
> drop the ftp packets coming from that ip in your
> firewall.

A bit of clarification about /etc/hosts.deny: this file is part
of TCP_Wrappers setup. On RHL6.2, for example, you should have
inetd-0.16-4 and tcp_wrappers-7.6-10 packages installed, and also
have smth like this in your /etc/inetd.conf file (notice reference
to "/usr/sbin/tcpd"):

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -Idvl -a

If you're using newer distro, which has "xinetd" instead of older
"inetd", then you should edit /etc/xinetd.d/ftpd (or similar) file.

--
andrei