Depending on how you manage iptables/netfilter, the easier of the two is probably denying with tcp_wrappers.

Step 1
Run the command whereis -b vsftpd. Make a note of the first path it returns. In my case, that is /usr/sbin/vsftpd.
Next, using that path, run the command ldd /usr/sbin/vsftpd | grep 'libwrap.so'. Did you see any results? If so, vsftpd has been compiled with tcp_wrappers support. If not, the rest of the steps won't do anything.

Step 2
Edit /etc/hosts.deny and add a line that looks like: where "10.0.0.1" is the IP of the person you want to deny.
That should take care of it. If the person you're trying to deny is sufficiently clever, though, there are probably going to be more steps to take.
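The two steps above as a single script, added here as an example and not part of the original answer. The function names, the VSFTPD_BIN and LDD_CMD overrides, and the rule text `vsftpd: 10.0.0.1` (the standard `daemon: client` form from hosts_access(5)) are assumptions of this example.

```shell
#!/bin/sh
# Added example: confirm tcp_wrappers support, then add a deny rule once.

# Return 0 if the binary is dynamically linked against libwrap.
# LDD_CMD can be overridden, e.g. to test on a host without vsftpd.
has_libwrap() {
    ${LDD_CMD:-ldd} "$1" 2>/dev/null | grep -q 'libwrap\.so'
}

# Append "DAEMON: IP" to the deny file unless that exact rule is present.
# Usage: deny_host DAEMON IP [FILE]
deny_host() {
    daemon=$1
    ip=$2
    file=${3:-/etc/hosts.deny}
    rule="$daemon: $ip"
    # -x whole line, -F fixed string: 10.0.0.1 must not match 10.0.0.10,
    # and the dots must not be treated as regex wildcards.
    if [ -f "$file" ] && grep -qxF "$rule" "$file"; then
        return 0
    fi
    printf '%s\n' "$rule" >> "$file"
}

# Run as: sh deny.sh 10.0.0.1   (needs write access to /etc/hosts.deny)
if [ "$#" -eq 1 ]; then
    bin=${VSFTPD_BIN:-/usr/sbin/vsftpd}   # path from Step 1
    if has_libwrap "$bin"; then
        deny_host vsftpd "$1"
        echo "denied $1 for vsftpd"
    else
        echo "$bin is not linked against libwrap; hosts.deny will have no effect" >&2
        exit 1
    fi
fi
```

vsftpd only consults these files when `tcp_wrappers=YES` is set in vsftpd.conf. A matching entry in /etc/hosts.allow takes precedence over the deny rule.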