You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 330 guest(s) and 41 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Nuke Cops :: View topic - More IPs for your banning pleasure [ ]
 Forum FAQ  •  Search  •   •  Memberlist  •  Usergroups   •  Register  •  Profile •    •  Log in to check your private messages  •  Log in

 
Post new topic  Reply to topicprinter-friendly view
View previous topic Log in to check your private messages View next topic
Author Message
fisicouk
Sergeant
Sergeant


Joined: Nov 25, 2004
Posts: 84


PostPosted: Wed Feb 09, 2005 2:46 am Reply with quoteBack to top

Hd 3.1 released

https://sourceforge.net/project/showfiles.php?group_id=130777&package_id=143440

_________________
Image
Host.Deny Your Fast Track Security Resource
Find all posts by fisicoukView user's profileSend private message
allevon
Site Mod
Site Mod


Joined: Nov 22, 2002
Posts: 716

Location: New Jersey

PostPosted: Thu Feb 10, 2005 9:38 pm Reply with quoteBack to top

Lloyd,

May I remind you that I was the one who STARTED the thread based on a discussion I had and the idea from Paul Laudanski. Didnt see this in the Readme, excpet Nukecops. So I know Paul should get the nod for this.

_________________
"Give Me Liberty, Or Give Hackerz Death!!!"
Patrick Henry Revised for 21st century.
Let The Bodies Hit The Floor! Let The Bodies Hit The Floor!
Find all posts by allevonView user's profileSend private messageVisit poster's website
fisicouk
Sergeant
Sergeant


Joined: Nov 25, 2004
Posts: 84


PostPosted: Fri Feb 11, 2005 3:05 am Reply with quoteBack to top

Sorry

See your PM

_________________
Image
Host.Deny Your Fast Track Security Resource
Find all posts by fisicoukView user's profileSend private message
fisicouk
Sergeant
Sergeant


Joined: Nov 25, 2004
Posts: 84


PostPosted: Fri Feb 11, 2005 3:06 am Reply with quoteBack to top

Quote:
Thank you for choosing to downloading this file.
I hope that you will find this file usefull, and if you have any comments, or any IPS you feel need to be added to the list, just give me a bell at webmaster@atc2532sqn.org.uk
_____________________________________________________________________________________________________________________________

HOW TO INSTALL


Simply unzip this folder (Which you shold have done already if your reading this) and upload the host.deny file to the/etc folder on your web server
_____________________________________________________________________________________________________________________________

RELEASE LOG
03-02-2005-Release 1 v3.1a (New banned Ips from NukeMods. I've also updated XLS file to 1.2B.')
03-02-2005-Release 1 v2.4d (New banned Ips from NukeMods. I've also updated XLS file to 1.2B.')
27-01-2005-Release 1 v2.4c (New banned Ips from NukeMods. I've also included a Microsoft Excel Spreadsheet, with all the banned IP's within it, and the ability to add your own, sort and remove duplicates.I've Used a VB script by MrGunnage to do this.')
25-01-2005-Release 1 v2.4b (New banned Ips from NukeMods. I've also included a Microsoft Excel Spreadsheet, with all the banned IP's within it, and the ability to add your own, sort and remove duplicates.I've Used a VB script by MrGunnage to do this.')
21-01-2005-Release 1 v2.4a (No Ips Were added in this release. However I've Used a VB script by MrGunnage to remove duplications.')
21-01-2005-Release 1 v2.3a (Added list of Banned Ips from NukeCops,Groundhost and Host.Deny)
10-01-2005-Release 1 v2.2c (Added list of Banned Ips from NukeCops, and Host.Deny)
07-01-2005-Release 1 v2.2b (Added list of Banned Ips from NukeGallery)
07-01-2005-Release 1 v2.2a (More banned IPS from NukeCops) ***This file was never released online, so we moved on to 2.2b***)
05-01-2005-Release 1 v2.1d (More banned IPS from NukeCops) Thanks Also To MrGrunge and Happy new year to all webmasters!
16-12-2004-Release 1 v2.1c (More banned IPS from NukeCops)
16-12-2004-Release 1 v2.1b (More banned IPS from NukeCops)
16-12-2004-Release 1 v2.1a (Added more to this file, and corrected where to upload the file to ***This file was never released online, so we moved on to 2.1b***)
14-12-2004-Release 1 V1.2 (More banned IPS from NukeCops)
14-12-2004-Release 1 V1.1

_____________________________________________________________________________________________________________________________

PLEASE READ!!!!!

As you are reading this I am hard at work on working out a way (And eventually) Creating a file that will add this ban list to your NUKE database (Editable in the admin Panel)
A Version in time will be available for PHPBB 2.0.x and PHPBB 3.0.x (olympus)
To do this takes time, so if your interested in helping or donating to the project, visit my site at http://www.host-deny.tk and contact me there.
_____________________________________________________________________________________________________________________________

DONATE TO THE PROJECT

Being able to compile this file, and mantain the site takes a lot of time and money. I am hoping to make this site expand, but to do so, I need donations
How can you donate to the project?
You can either use the donate link on the top right hand page of my main site, or e-mail me for a contact address.

Thank you in advance.
_____________________________________________________________________________________________________________________________

WITH THANKS TO

www.nukecops.com-for the basis of the IP's found in this file
allevon:NukeCops
Paul Laudanski:NukeCops
www.groundhost.net-for enabling me to do this without a budget
Warrant Officer Sean Kelly RAF-For all the guidance and support and for testing the file
www.nukemods.com-For the website theme
http://www.host.deny.tk

_________________
Image
Host.Deny Your Fast Track Security Resource
Find all posts by fisicoukView user's profileSend private message
Father
Lieutenant
Lieutenant


Joined: Apr 30, 2003
Posts: 165

Location: Australia

PostPosted: Fri Feb 11, 2005 11:51 pm Reply with quoteBack to top

Some of the stuff confuses me, hosts.deny does not block access to websites at all?

I've imported it into an .htacces file instead but it just makes the website crawl to a halt.

So how can hosts.deny ever protect a nuke site itself from script attacks and injections etc?

_________________
www.TheOlderGamers.com
Find all posts by FatherView user's profileSend private messageVisit poster's website
allevon
Site Mod
Site Mod


Joined: Nov 22, 2002
Posts: 716

Location: New Jersey

PostPosted: Sat Feb 12, 2005 2:44 am Reply with quoteBack to top

Father, you must have an error in it. check for proper spacing as the ones IVE posted as well as anything as it does not appear from these threads. Your site speed WILL increase to TWICE as fast if it is correct and in the /etc folder.

_________________
"Give Me Liberty, Or Give Hackerz Death!!!"
Patrick Henry Revised for 21st century.
Let The Bodies Hit The Floor! Let The Bodies Hit The Floor!
Find all posts by allevonView user's profileSend private messageVisit poster's website
Father
Lieutenant
Lieutenant


Joined: Apr 30, 2003
Posts: 165

Location: Australia

PostPosted: Sat Feb 12, 2005 3:29 am Reply with quoteBack to top

I meant I put the blocked IP's in htaccess instead of hosts.deny.
That is really slowing things down beyond use.

Coz if I use hosts.deny it does not block them from HTTP access right?

_________________
www.TheOlderGamers.com
Find all posts by FatherView user's profileSend private messageVisit poster's website
fisicouk
Sergeant
Sergeant


Joined: Nov 25, 2004
Posts: 84


PostPosted: Wed Feb 16, 2005 3:04 am Reply with quoteBack to top

Father wrote:
I meant I put the blocked IP's in htaccess instead of hosts.deny.
That is really slowing things down beyond use.

Coz if I use hosts.deny it does not block them from HTTP access right?

yeah

P.s this may be usefull to you

I've found a way to create an auto Execute file for PHPBB. Now I'll be able to convert this to Nuke easilly and once I get the coding correct, It'll be easy to use (As ling as the server doesn't time out (2.4MB php file))

_________________
Image
Host.Deny Your Fast Track Security Resource
Find all posts by fisicoukView user's profileSend private message
Father
Lieutenant
Lieutenant


Joined: Apr 30, 2003
Posts: 165

Location: Australia

PostPosted: Thu Feb 17, 2005 12:49 am Reply with quoteBack to top

Also rather then blocking indepedent IP's

Why not block the countries all together who have no business accessing the server.

I assume this will do the trick?

ALL: .ru : DENY
ALL: .cn : DENY

The above blocks china and russia.

_________________
www.TheOlderGamers.com
Find all posts by FatherView user's profileSend private messageVisit poster's website
fisicouk
Sergeant
Sergeant


Joined: Nov 25, 2004
Posts: 84


PostPosted: Thu Feb 17, 2005 6:00 am Reply with quoteBack to top

I don't think so I never tried it but it blocks IPs only to my knowledge.
You can block ranges such as
ALL: 101.*.*.* : DENY

_________________
Image
Host.Deny Your Fast Track Security Resource
Find all posts by fisicoukView user's profileSend private message
Father
Lieutenant
Lieutenant


Joined: Apr 30, 2003
Posts: 165

Location: Australia

PostPosted: Thu Feb 17, 2005 2:45 pm Reply with quoteBack to top

According to hosts.deny guides you can block both domains and IP addresses, here is one:

http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/s1-tcpwrappers-access.html

_________________
www.TheOlderGamers.com
Find all posts by FatherView user's profileSend private messageVisit poster's website
allevon
Site Mod
Site Mod


Joined: Nov 22, 2002
Posts: 716

Location: New Jersey

PostPosted: Sat Feb 19, 2005 12:17 am Reply with quoteBack to top

Outstanding Father!! Defintiely gives the potential for a whole slew of Rainbow Brite. Good work!! Anyway, Now that ive recovered from server transfers and backed up work, im back in action. I have been compiling loads of retards IPs who think they can get away with their Rainbow Brite. so gimme a day or so and Ill put them together from all the sites and post them. Hats off to fisicouk for his excellent work and getting the ball rolling on a central place to have this project grow.

_________________
"Give Me Liberty, Or Give Hackerz Death!!!"
Patrick Henry Revised for 21st century.
Let The Bodies Hit The Floor! Let The Bodies Hit The Floor!
Find all posts by allevonView user's profileSend private messageVisit poster's website
Father
Lieutenant
Lieutenant


Joined: Apr 30, 2003
Posts: 165

Location: Australia

PostPosted: Sat Feb 19, 2005 4:25 am Reply with quoteBack to top

This is the way I have setup mine

HOSTS.ALLOW

ALL: .yourdomain.com

To ensure that you can always get in, if you have a static IP you can put it there obviously.

HOSTS.DENY

Putting this in your hosts.deny should block pretty much every country in existance, so be carefull!

ALL: .AC : DENY
ALL: .AD : DENY
ALL: .AE : DENY
ALL: .AG : DENY
ALL: .AI : DENY
ALL: .AL : DENY
ALL: .AM : DENY
ALL: .AN : DENY
ALL: .AP : DENY
ALL: .AQ : DENY
ALL: .AR : DENY
ALL: .AS : DENY
ALL: .AT : DENY
ALL: .AU : DENY
ALL: .AZ : DENY
ALL: .BA : DENY
ALL: .BB : DENY
ALL: .BF : DENY
ALL: .BG : DENY
ALL: .BH : DENY
ALL: .BI : DENY
ALL: .BM : DENY
ALL: .BN : DENY
ALL: .BO : DENY
ALL: .BR : DENY
ALL: .BT : DENY
ALL: .BY : DENY
ALL: .BZ : DENY
ALL: .CA : DENY
ALL: .CC : DENY
ALL: .CD : DENY
ALL: .CF : DENY
ALL: .CG : DENY
ALL: .CH : DENY
ALL: .CK : DENY
ALL: .CL : DENY
ALL: .CM : DENY
ALL: .CN : DENY
ALL: .CO : DENY
ALL: .CR : DENY
ALL: .CU : DENY
ALL: .CX : DENY
ALL: .CY : DENY
ALL: .CZ : DENY
ALL: .DE : DENY
ALL: .DJ : DENY
ALL: .DK : DENY
ALL: .DO : DENY
ALL: .DZ : DENY
ALL: .EC : DENY
ALL: .EE : DENY
ALL: .EG : DENY
ALL: .FI : DENY
ALL: .FJ : DENY
ALL: .FK : DENY
ALL: .FM : DENY
ALL: .FR : DENY
ALL: .FO : DENY
ALL: .GB : DENY
ALL: .GE : DENY
ALL: .GF : DENY
ALL: .GG : DENY
ALL: .GH : DENY
ALL: .GI : DENY
ALL: .GL : DENY
ALL: .GM : DENY
ALL: .GN : DENY
ALL: .GR : DENY
ALL: .GS : DENY
ALL: .GT : DENY
ALL: .GU : DENY
ALL: .HK : DENY
ALL: .HM : DENY
ALL: .HN : DENY
ALL: .HR : DENY
ALL: .HU : DENY
ALL: .ID : DENY
ALL: .IE : DENY
ALL: .IL : DENY
ALL: .IM : DENY
ALL: .IN : DENY
ALL: .INT : DENY
ALL: .IO : DENY
ALL: .IR : DENY
ALL: .IS : DENY
ALL: .IT : DENY
ALL: .JE : DENY
ALL: .JO : DENY
ALL: .KE : DENY
ALL: .KG : DENY
ALL: .KH : DENY
ALL: .KR : DENY
ALL: .KW : DENY
ALL: .KY : DENY
ALL: .KZ : DENY
ALL: .LB : DENY
ALL: .LC : DENY
ALL: .LI : DENY
ALL: .LK : DENY
ALL: .LR : DENY
ALL: .LT : DENY
ALL: .LU : DENY
ALL: .LV : DENY
ALL: .LY : DENY
ALL: .MC : DENY
ALL: .MD : DENY
ALL: .MG : DENY
ALL: .MH : DENY
ALL: .MK : DENY
ALL: .MM : DENY
ALL: .MN : DENY
ALL: .MO : DENY
ALL: .MP : DENY
ALL: .MQ : DENY
ALL: .MR : DENY
ALL: .MS : DENY
ALL: .MT : DENY
ALL: .MU : DENY
ALL: .MX : DENY
ALL: .MY : DENY
ALL: .MW : DENY
ALL: .NA : DENY
ALL: .NC : DENY
ALL: .NF : DENY
ALL: .NI : DENY
ALL: .NL : DENY
ALL: .NO : DENY
ALL: .NP : DENY
ALL: .NU : DENY
ALL: .OM : DENY
ALL: .PA : DENY
ALL: .PE : DENY
ALL: .PG : DENY
ALL: .PH : DENY
ALL: .PK : DENY
ALL: .QA : DENY
ALL: .RE : DENY
ALL: .RO : DENY
ALL: .RU : DENY
ALL: .RW : DENY
ALL: .SA : DENY
ALL: .SB : DENY
ALL: .SE : DENY
ALL: .SG : DENY
ALL: .SH : DENY
ALL: .SI : DENY
ALL: .SK : DENY
ALL: .SM : DENY
ALL: .SN : DENY
ALL: .SO : DENY
ALL: .ST : DENY
ALL: .SU : DENY
ALL: .SV : DENY
ALL: .SZ : DENY
ALL: .TC : DENY
ALL: .TD : DENY
ALL: .TF : DENY
ALL: .TH : DENY
ALL: .TJ : DENY
ALL: .TM : DENY
ALL: .TN : DENY
ALL: .TO : DENY
ALL: .TP : DENY
ALL: .TR : DENY
ALL: .TT : DENY
ALL: .TV : DENY
ALL: .TW : DENY
ALL: .TZ : DENY
ALL: .UA : DENY
ALL: .UG : DENY
ALL: .UM : DENY
ALL: .US : DENY
ALL: .UY : DENY
ALL: .VE : DENY
ALL: .VG : DENY
ALL: .VI : DENY
ALL: .VU : DENY
ALL: .WF : DENY
ALL: .WS : DENY
ALL: .YT : DENY
ALL: .YU : DENY
ALL: .ZA : DENY
ALL: .ZM : DENY
ALL: .NZ : DENY
ALL: .BE : DENY
ALL: .UK : DENY
ALL: .AU : DENY
ALL: .ES : DENY
ALL: .JP : DENY

A country DB can be found here which I used to compile the above list
http://www.domainit.com/country-domains-jp.html

Hosts.deny does NOT block HTTP access, only things like FTP, SSH etc.

If you run a tail -F on your secure log you should see the blocks happening like this:
Feb 19 06:15:56 tog xinetd[3248]: FAIL: smtp libwrap from=213.180.200.18
(Russia in action here)

in your messages log you should see
Feb 19 06:15:56 tog xinetd[3248]: libwrap refused connection to smtp (libwrap=tcp-env) from 213.180.200.18

So you can then easily do a search on keywords like refused in the log, I then add those ranges to protector/sentinel as well and block em from my sites.
And I will be putting them into IPtables as well soon.
Ideally write a script that pulls them out of the log and IPtables them automatically.

I'm not making claims here that what I'm doing is correct as I only started implementing this on my server as of today but it certainly seems to work, the above IP address was blocked by using a deny on .ru extension coz I don't have it explicitly denied.

Certainly beats blocking 23,000+ IP's seperately.

If anyone could confirm my claims here as working exactly that way, myself and the community wanting to keep jerks out of their systems would undoubtedly appreciate it Very Happy

_________________
www.TheOlderGamers.com
Find all posts by FatherView user's profileSend private messageVisit poster's website
fisicouk
Sergeant
Sergeant


Joined: Nov 25, 2004
Posts: 84


PostPosted: Sat Feb 19, 2005 5:11 am Reply with quoteBack to top

certainly a good idea but sometimes there may be a nice person from russia on kjimfcbveroiina who wants to SURF the site not HACK it.

I'll be using that on my cadet site, as I only want UK cadets visiting it. So I'll try it on monday

Cheers Alveon I'll release 3.1B on Mon/Tues, then get to work on this auto execute file.. (Nearly cracked it for PHPBB last week)

_________________
Image
Host.Deny Your Fast Track Security Resource
Find all posts by fisicoukView user's profileSend private message
mikept
Nuke Cadet
Nuke Cadet


Joined: Feb 22, 2005
Posts: 7


PostPosted: Tue Feb 22, 2005 2:43 am Reply with quoteBack to top

That option that Father gave is a good idea but in my case i have my site hosted on a hosting company that i don't have access to the system files to make that change (host.deny and host.allow)... is there any option to make that on other place like .htaccess?
Find all posts by mikeptView user's profileSend private message
Display posts from previous:      
Post new topic  Reply to topicprinter-friendly view
View previous topic Log in to check your private messages View next topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



Powered by phpBB © 2001, 2005 phpBB Group

Ported by Nuke Cops © 2003 www.nukecops.com
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::
Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.099 Seconds - 406 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::