Results 1 to 2 of 2
|
Enjoy an ad free experience by logging in. Not a member yet? Register.
|
|
-
02-14-2016 #1
I detect poneytelecom connections using iftop, but how to block them?
vps:http => 212-129-28-14.rev.poneytelecom.eu:49265 0b 0b 0b
<= 208b 104b 104b
vps:http => 212-129-28-14.rev.poneytelecom.eu:38081 0b 0b 0b
<= 0b 104b 104b
vps:http => 212-129-28-14.rev.poneytelecom.eu:33793 0b 0b 0b
<= 208b 104b 104b
vps:http => 212-129-28-14.rev.poneytelecom.eu:25905 0b 0b 0b
<= 208b 104b 104b
vps:http => 212-129-28-14.rev.poneytelecom.eu:61101 0b 0b 0b
<= 208b 104b 104b
vps:http => 212-129-28-14.rev.poneytelecom.eu:56018 0b 0b 0b
<= 208b 104b 104b
vps:http => 212-129-28-14.rev.poneytelecom.eu:34651 .......
grep -Ril "212.129.28.14|14.28.129.212" /var/zpanel/logs/domains/admin/
Im seeing these connections even i added 212.129.28.14,14.28.129.212 IPs into /etc/hosts.deny which confusing me asking for help what is wrong and how to block it properly. Was looking up if i can block it in iptables according to hostname partial match, but no luck.https://zeronet.io - Open, free and uncensorable websites, using Bitcoin cryptography and BitTorrent network
-
02-14-2016 #2
- Join Date
- Dec 2009
- Posts
- 269
Not my expertises ... but to me it looks like "212-129-28-14.rev.poneytelecom.eu" tries to open a connection, but your server drops the request ...
vps:http => 212-129-28-14.rev.poneytelecom.eu:49265 0b 0b 0b
<= 208b 104b 104b
You got a request 104byte big ... and send 0byte back ...
Not even a request denied ...
It might get dropped in iptables - so it won't show in the httpd log ...