Where, and is it even possible, to check whether someone is attacking my IP or my FW?
If so, where can I find that information? I've been having some problems lately and I don't know whether they're caused by attacks from outside.
http://twojbf:8180/cgi-bin/diags.cgi?COMMAND=logread
# Local Custom Firewall rules
# Level 7 Filtering example:
#iptables -t mangle -A POSTROUTING -m layer7 --l7proto edonkey -j DROP
# Attention: To enable the commands below can cause some side effects
# Syn-flood and DOS protection
iptables -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT
# Port Scanners protection
iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT
iptables -A FORWARD -p tcp --tcp-flags ALL SYN,ACK -j DROP
# Ping-of-death protection
iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
# Speed UP DNS
iptables -t mangle -A OUTPUT -p udp --dport 53 -j TOS --set-tos 0x08
iptables -t mangle -A PREROUTING -p udp --dport 53 -j TOS --set-tos 0x10
# Speed UP HTTP
iptables -t mangle -A OUTPUT -p tcp -j TOS --sport 80 --set-tos 0x08
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TOS --set-tos 0x08
iptables -t mangle -A OUTPUT -p tcp -j TOS --sport 80 --set-tos 0x10
# block for users who are behind on payments, together with a redirect
#iptables -I PREROUTING -t nat -s 192.168.1.163 -p tcp --dport 1:65535 -j DNAT --to 192.168.1.1:8180
#iptables -t nat -p tcp -A PREROUTING -s 192.168.1.40 --dport 80 -m state --state NEW -j DNAT --to 192.168.1.1:8180
# redirect to squid
#iptables -I PREROUTING -t nat -s 192.168.1.1/24 -p tcp --dport 80 -j DNAT --to 192.168.1.1:8080
# Firewall Access Configuration File
#
# This file contains entries in the following format:
# type active permit|deny protocol source[/mask] destination[/mask] port
#
# type = access # Control access THROUGH the Firewall
# type = admin # Control access TO the Firewall
# active = Y or N
access Y deny all any 66.185.126.34 all #Example - Deny internet access to this IP
access Y deny tcp any any 445 #Example - virus!!
access Y deny tcp any any 445 #Example - virus!!
access Y deny tcp any any 139 #Example - virus!!
access Y deny tcp any any 139 #Example - virus!!
access Y deny tcp any any 138 #Example - virus!!
access Y deny tcp any any 138 #Example - virus!!
access Y deny tcp any any 137 #Example - virus!!
access Y deny tcp any any 140 #Example - virus!!
access Y deny tcp any any 141 #Example - virus!!
access Y deny tcp any any 136 #Example - virus!!
access Y deny tcp any any 136 #Example - virus!!
access Y deny tcp any any 142 #Example - virus!!
access Y deny tcp any any 1080 #Example - virus!!
access Y deny tcp any any 1214 #Example - Devirus!!
access Y deny tcp any any 4444 #Example - virus!!
access Y deny tcp any any 10000 #Example - virus!!
access Y deny tcp any any 12345 #Example - virus!!
access Y deny tcp any any 1373 #Example - virus!!
access Y deny tcp any any 1024 #Example - virus!!
access Y deny tcp any any 1025 #Example - virus!!
access Y deny tcp any any 1026 #Example - virus!!
access Y deny tcp any any 1027 #Example - virus!!
access Y deny tcp any any 1028 #Example - virus!!
access Y deny tcp any any 1029 #Example - virus!!
access Y deny tcp any any 1030 #Example - virus!!
access Y deny tcp any any 1373 #Example - virus!!
access Y deny udp any any 445 #Example - virus!!
access Y deny udp any any 445 #Example - virus!!
access Y deny udp any any 139 #Example - virus!!
access Y deny udp any any 139 #Example - virus!!
access Y deny udp any any 138 #Example - virus!!
access Y deny udp any any 138 #Example - virus!!
access Y deny udp any any 137 #Example - virus!!
access Y deny udp any any 140 #Example - virus!!
access Y deny udp any any 141 #Example - virus!!
access Y deny udp any any 136 #Example - virus!!
access Y deny udp any any 136 #Example - virus!!
access Y deny udp any any 142 #Example - virus!!
access Y deny udp any any 1080 #Example - virus!!
access Y deny udp any any 1214 #Example - Devirus!!
access Y deny udp any any 4444 #Example - virus!!
access Y deny udp any any 10000 #Example - virus!!
access Y deny udp any any 12345 #Example - virus!!
access Y deny udp any any 1373 #Example - virus!!
access Y deny udp any any 1024 #Example - virus!!
access Y deny udp any any 1025 #Example - virus!!
access Y deny udp any any 1026 #Example - virus!!
access Y deny udp any any 1027 #Example - virus!!
access Y deny udp any any 1028 #Example - virus!!
access Y deny udp any any 1029 #Example - virus!!
access Y deny udp any any 1030 #Example - virus!!
access Y deny udp any any 1373 #Example - virus!!
access Y deny udp any any 6667 #Example - virus!!
access Y deny udp any any 6668 #Example - virus!!
access Y deny udp any any 6669 #Example - virus!!
access Y deny udp any any 3531 #Example - virus!!
access Y deny udp any any 901 #Example - virus!!
access Y deny udp any any 17300 #Example - virus!!
access Y deny tcp any any 6667 #Example - virus!!
access Y deny tcp any any 6668 #Example - virus!!
access Y deny tcp any any 6669 #Example - virus!!
access Y deny tcp any any 3531 #Example - virus!!
access Y deny tcp any any 901 #Example - virus!!
access Y deny tcp any any 17300 #Example - virus!!
access Y deny tcp any any 994 #Example - virus!!
access Y deny tcp any any 529 #Example - virus!!
access Y deny tcp any any 6588 #Example - virus!!
access Y deny tcp any any 3127 #Example - virus!!
access Y deny tcp any any 42 #Example - virus!!
access Y deny tcp any any 6129 #Example - virus!!
access Y deny tcp any any 2745 #Example - virus!!
access Y deny tcp any any 3128 #Example - virus!!
access Y deny tcp any any 1433 #Example - virus!!
access Y deny tcp any any 1434 #Example - virus!!
access Y deny tcp any any 4899 #Example - virus!!
access Y deny tcp any any 15118 #Example - virus!!
access Y deny tcp any any 5554 #Example - Devirus!!
access Y deny tcp any any 4444 #Example - virus!!
access Y deny udp any any 994 #Example - virus!!
access Y deny udp any any 529 #Example - virus!!
access Y deny udp any any 6588 #Example - virus!!
access Y deny udp any any 3127 #Example - virus!!
access Y deny udp any any 42 #Example - virus!!
access Y deny udp any any 6129 #Example - virus!!
access Y deny udp any any 2745 #Example - virus!!
access Y deny udp any any 3128 #Example - virus!!
access Y deny udp any any 1433 #Example - virus!!
access Y deny udp any any 1434 #Example - virus!!
access Y deny udp any any 4899 #Example - virus!!
access Y deny udp any any 15118 #Example - virus!!
access Y deny udp any any 5554 #Example - Devirus!!
access Y deny udp any any 4444 #Example - virus!!
admin Y permit tcp any any 21 #FTP
block_ip 66.185.126.34
block_port 81 tcp
block_port 80 tcp
block_port 80 udp
block_port 445 tcp
block_port 445 udp
block_port 8180 tcp
block_port 8180 udp
block_port 37494 udp
block_port 37494 tcp
block_port 1863 tcp
block_port 1863 udp
block_port 5190 udp
block_port 5223 tcp
block_port 5223 udp
block_port 6667 tcp
block_port 6667 udp
block_port 6666 tcp
block_port 6666 udp
block_port 6891:6900 tcp
block_port 6901 tcp
block_port 6901 udp
block_port 8080 tcp
block_port 8080 udp
2006-06-05 23:46:30 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=84.9.165.140 DST=83.14.67.178 LEN=91 TOS=0x00 PREC=0x00 TTL=114 ID=44656 PROTO=UDP SPT=10508 DPT=41597 LEN=71
2006-06-05 23:46:38 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=72.24.224.100 DST=83.14.67.178 LEN=90 TOS=0x00 PREC=0x00 TTL=113 ID=1429 PROTO=UDP SPT=60615 DPT=41597 LEN=70
2006-06-05 23:46:40 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=87.105.106.170 DST=83.14.67.178 LEN=91 TOS=0x00 PREC=0x00 TTL=119 ID=28956 PROTO=UDP SPT=13869 DPT=41597 LEN=71
2006-06-05 23:46:40 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=141.151.2.107 DST=83.14.67.178 LEN=91 TOS=0x00 PREC=0x00 TTL=112 ID=32393 PROTO=UDP SPT=50257 DPT=41597 LEN=71
2006-06-05 23:46:41 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=70.32.68.32 DST=83.14.67.178 LEN=90 TOS=0x00 PREC=0x00 TTL=45 ID=45957 PROTO=UDP SPT=46578 DPT=41597 LEN=70
2006-06-05 23:46:42 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=201.214.196.162 DST=83.14.67.178 LEN=91 TOS=0x00 PREC=0x00 TTL=110 ID=59548 PROTO=UDP SPT=52927 DPT=41597 LEN=71
2006-06-05 23:46:44 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=82.82.232.239 DST=83.14.67.178 LEN=70 TOS=0x00 PREC=0x00 TTL=117 ID=56715 PROTO=UDP SPT=29124 DPT=41597 LEN=50
2006-06-05 23:46:47 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=85.178.24.197 DST=83.14.67.178 LEN=91 TOS=0x00 PREC=0x00 TTL=117 ID=47115 PROTO=UDP SPT=6881 DPT=41597 LEN=71
2006-06-05 23:46:50 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=82.64.103.197 DST=83.14.67.178 LEN=91 TOS=0x00 PREC=0x00 TTL=118 ID=31049 PROTO=UDP SPT=21391 DPT=41597 LEN=71
2006-06-05 23:46:52 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=69.165.110.111 DST=83.14.67.178 LEN=91 TOS=0x00 PREC=0x00 TTL=111 ID=54887 PROTO=UDP SPT=60300 DPT=41597 LEN=71
2006-06-05 23:46:54 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=83.201.233.156 DST=83.14.67.178 LEN=91 TOS=0x00 PREC=0x00 TTL=116 ID=2946 PROTO=UDP SPT=6881 DPT=41597 LEN=71
2006-06-05 23:46:55 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=203.252.58.92 DST=83.14.67.178 LEN=526 TOS=0x00 PREC=0x00 TTL=49 ID=0 DF PROTO=UDP SPT=31260 DPT=1026 LEN=506
2006-06-05 23:46:56 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=211.26.32.244 DST=83.14.67.178 LEN=91 TOS=0x00 PREC=0x00 TTL=105 ID=65435 PROTO=UDP SPT=6881 DPT=41597 LEN=71
2006-06-05 23:46:57 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=82.158.46.143 DST=83.14.67.178 LEN=91 TOS=0x00 PREC=0x00 TTL=112 ID=40182 PROTO=UDP SPT=6881 DPT=41597 LEN=71
2006-06-05 23:46:58 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=217.211.220.52 DST=83.14.67.178 LEN=91 TOS=0x00 PREC=0x00 TTL=114 ID=37570 PROTO=UDP SPT=11777 DPT=41597 LEN=71
2006-06-05 23:46:58 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=84.129.184.74 DST=83.14.67.178 LEN=91 TOS=0x00 PREC=0x00 TTL=120 ID=48741 PROTO=UDP SPT=65535 DPT=41597 LEN=71
2006-06-05 23:47:00 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= MAC=00:60:97:e2:58:59:00:13:a3:28:30:af:08:00 SRC=68.69.194.141 DST=83.14.67.178 LEN=69 TOS=0x00 PREC=0x00 TTL=109 ID=49023 PROTO=UDP SPT=13956 DPT=41597 LEN=49
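One way to answer the original question from a log like the one above, as an added example that is not part of the thread: group the BLOCKED CONNECTION lines by destination port and by source, so that "many sources hitting one port" (the shape seen above on UDP 41597, several packets coming from source port 6881, the default BitTorrent port) can be told apart from "one source walking many ports" (a port scan). The function names, the thresholds and the sample lines are assumptions made for this example; the sample uses documentation address ranges.

```python
import re
from collections import defaultdict

# Constructed sample lines in the same format as the firewall log above
# (addresses are from documentation ranges, not from the original post).
SAMPLE = """\
2006-06-05 23:46:30 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= SRC=198.51.100.10 DST=203.0.113.5 LEN=91 TTL=114 ID=1 PROTO=UDP SPT=10508 DPT=41597 LEN=71
2006-06-05 23:46:31 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= SRC=198.51.100.11 DST=203.0.113.5 LEN=91 TTL=113 ID=2 PROTO=UDP SPT=6881 DPT=41597 LEN=71
2006-06-05 23:46:32 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= SRC=198.51.100.12 DST=203.0.113.5 LEN=90 TTL=45 ID=3 PROTO=UDP SPT=6881 DPT=41597 LEN=70
2006-06-05 23:46:33 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= SRC=192.0.2.77 DST=203.0.113.5 LEN=60 TTL=50 ID=4 DF PROTO=TCP SPT=40000 DPT=22
2006-06-05 23:46:33 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= SRC=192.0.2.77 DST=203.0.113.5 LEN=60 TTL=50 ID=5 DF PROTO=TCP SPT=40001 DPT=23
2006-06-05 23:46:34 User.Warning 192.168.2.1 kernel: BLOCKED CONNECTION:IN=eth1 OUT= SRC=192.0.2.77 DST=203.0.113.5 LEN=60 TTL=50 ID=6 DF PROTO=TCP SPT=40002 DPT=80
"""

# Only the netfilter fields needed for the summary.
FIELD = re.compile(r"\b(SRC|DST|PROTO|SPT|DPT)=(\S+)")

def parse(line):
    """Return the key=value fields of one BLOCKED CONNECTION line, or None.

    Truncated or wrapped lines (missing SRC, PROTO or DPT) are skipped.
    """
    if "BLOCKED CONNECTION" not in line:
        return None
    f = dict(FIELD.findall(line))
    return f if {"SRC", "PROTO", "DPT"} <= f.keys() else None

def summarize(text, min_sources=3, min_ports=3):
    """Group blocked packets two ways and report the two classic shapes."""
    by_port = defaultdict(set)   # (proto, dport) -> distinct sources
    by_src = defaultdict(set)    # source -> distinct (proto, dport)
    for line in text.splitlines():
        f = parse(line)
        if f:
            key = (f["PROTO"], int(f["DPT"]))
            by_port[key].add(f["SRC"])
            by_src[f["SRC"]].add(key)
    # Many sources, one port: leftover P2P peers or a distributed flood.
    fan_in = {k: len(v) for k, v in by_port.items() if len(v) >= min_sources}
    # One source, many ports: port-scan shape.
    scans = {s: sorted(p for _, p in v)
             for s, v in by_src.items() if len(v) >= min_ports}
    return fan_in, scans

if __name__ == "__main__":
    fan_in, scans = summarize(SAMPLE)
    print("many sources -> one port:", fan_in)
    print("one source -> many ports:", scans)
```

To run it on a real log, pass the text returned by the `logread` page to `summarize()` and raise the thresholds to match the traffic volume.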