Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

HELP! UNDER ATTACK!

Discussion in 'General Discussion' started by SHSaeed, Nov 2, 2002.

  1. SHSaeed

    SHSaeed Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    245
    Likes Received:
    0
    Trophy Points:
    316
    We've been under attack for a couple of hours now. I tried to block the attacker with [b:4f8a97f080]iptables -I INPUT 1 -s xxx.xxx.xxx.xxx -j DROP[/b:4f8a97f080] but I get &iptables v1.2.5: can't initialize iptables table `filter': iptables who? (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded.& I also tried to use /sbin/route to block them but it's of no use!!! How can I block these attacks, they're causing Apache to reach maxclients (which is set to 256).

    Please HELP!!!!!!!!
     
  2. SHSaeed

    SHSaeed Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    245
    Likes Received:
    0
    Trophy Points:
    316
    Here are the IPs that were attacking if anyone's interested...

    24.185.148.33
    68.36.123.27
    66.76.93.157
    68.11.36.65
    24.205.209.230
    12.220.192.165
    68.5.224.66
    4.46.204.175
    24.76.66.39
    66.189.215.241
    128.111.71.114
    212.202.128.213
    4.46.204.175

    We finally got our datacenter to null route the listed IPs.
     
  3. SHSaeed

    SHSaeed Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    245
    Likes Received:
    0
    Trophy Points:
    316
    Found a way to do it ourselves...

    ipchains -A input -s &IP&/255.255.255.255 -d 0.0.0.0/0.0.0.0 -j DENY

    By replacing &IP& with the attacking IP you will block them on all ports.
     
  4. itf

    itf Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    316
    refer to this post I wrote there
    http://forums.cpanel.net/read.php?TID=5583&page=1#24084
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice