[SATLUG] Blocking with iptables, even if the hostname won't resolve

David Salisbury david.salisbury at momentumweb.com
Tue May 11 11:47:59 CDT 2010


So, we have a server attacking one of our services right now:

maria-victoria.zevsnet.netvisio.net

I'd like to use iptables to block the traffic, but unfortunately even 
though that host is continually connecting, the above domain name 
doesn't resolve to an IP and thus iptables can't do anything (iptables 
replies with a "host/network `maria-victoria.zevsnet.netvisio.net' not 
found" message).  Does anyone have any ideas about blocking this 
traffic, or about finding the IP it's associated with so I can?  So far 
my searches are fruitless, and I've not encountered a host that won't 
resolve like this that is currently and actively connecting!
David



More information about the SATLUG mailing list