Find the answer to your Linux question:
Results 1 to 2 of 2
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    I detect poneytelecom connections using iftop, but how to block them?


    I see the http connections using iftop linux tool:

    vps:http => 212-129-28-14.rev.poneytelecom.eu:49265 0b 0b 0b
    <= 208b 104b 104b
    vps:http => 212-129-28-14.rev.poneytelecom.eu:38081 0b 0b 0b
    <= 0b 104b 104b
    vps:http => 212-129-28-14.rev.poneytelecom.eu:33793 0b 0b 0b
    <= 208b 104b 104b
    vps:http => 212-129-28-14.rev.poneytelecom.eu:25905 0b 0b 0b
    <= 208b 104b 104b
    vps:http => 212-129-28-14.rev.poneytelecom.eu:61101 0b 0b 0b
    <= 208b 104b 104b
    vps:http => 212-129-28-14.rev.poneytelecom.eu:56018 0b 0b 0b
    <= 208b 104b 104b
    vps:http => 212-129-28-14.rev.poneytelecom.eu:34651 .......
    i checked my httpd log folder and found no connections by that IP:
    grep -Ril "212.129.28.14|14.28.129.212" /var/zpanel/logs/domains/admin/

    Im seeing these connections even i added 212.129.28.14,14.28.129.212 IPs into /etc/hosts.deny which confusing me asking for help what is wrong and how to block it properly. Was looking up if i can block it in iptables according to hostname partial match, but no luck.
    https://zeronet.io - Open, free and uncensorable websites, using Bitcoin cryptography and BitTorrent network

  2. #2
    -->
    Not my expertises ... but to me it looks like "212-129-28-14.rev.poneytelecom.eu" tries to open a connection, but your server drops the request ...

    vps:http => 212-129-28-14.rev.poneytelecom.eu:49265 0b 0b 0b
    <= 208b 104b 104b

    You got a request 104byte big ... and send 0byte back ...
    Not even a request denied ...
    It might get dropped in iptables - so it won't show in the httpd log ...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •