block a dns address

Support section for FREESCO v0.4.x

block a dns address

Postby lotus123r5 » Fri Nov 27, 2015 2:09 am

Best Support,

is it possible to block a dyndns or freedns or no-ip or other dns name?
Some providers dont give static ip-addresses to their customers, so if i block an external ip address with be,xxx.xxx.xxx.xxx # then the next day i have "attacks" again from the same dns account with another ip-address :(. So, is it possible to block a dns name, for example: be,nomoreattack.ddns.net #
User avatar
lotus123r5
Member
 
Posts: 61
Joined: Sat Oct 04, 2008 7:58 am

Re: block a dns address

Postby Lightning » Sat Nov 28, 2015 11:50 am

It is somewhat possible. The problem is that you will almost have to do it manually for your specific situation.

First thing is to figure out exactly what is shown in the logs to indicate an attack. Then create a monitor script that will keep checking the logs and add a firewall rule to block it. The ipfwadm script can use names rather than IP's if the network and DNS is fully up and running.

So my guess is that you might not be able to do it, but if you post a log snippet of the offender than I most likely can give a solution.
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12079
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: block a dns address

Postby lotus123r5 » Sun Nov 29, 2015 4:11 am

OK, thx for the info, .. not that easy... will come back to this issue after upgrade to 0.4.5, and if the dns attack issue still plays.
User avatar
lotus123r5
Member
 
Posts: 61
Joined: Sat Oct 04, 2008 7:58 am


Return to FREESCO Support for v0.4.x

Who is online

Users browsing this forum: No registered users and 2 guests

cron