[SATLUG] Blocking with iptables, even if the hostname won't resolve

Jeremy Mann jeremymann at gmail.com
Tue May 11 13:06:02 CDT 2010


On Tue, May 11, 2010 at 11:47 AM, David Salisbury
<david.salisbury at momentumweb.com> wrote:
> So, we have a server attacking one of our services right now:
>
> maria-victoria.zevsnet.netvisio.net
>
> I'd like to use iptables to block the traffic, but unfortunately even though
> that host is continually connecting, the above domain name doesn't resolve
> to an IP and thus iptables can't do anything (iptables replies with a
> "host/network `maria-victoria.zevsnet.netvisio.net' not found" message).
>  Does anyone have any ideas about blocking this traffic, or about finding
> the IP it's associated with so I can?  So far my searches are fruitless, and
> I've not encountered a host that won't resolve like this that is currently
> and actively connecting!

David, for now I would block the entire domain, netvisio.net:

Non-authoritative answer:
Name:   netvisio.net
Address: 212.116.158.139



-- 
Jeremy Mann
jeremy at biochem.uthscsa.edu

University of Texas Health Science Center
Bioinformatics Core Facility
http://www.bioinformatics.uthscsa.edu
Phone: (210) 567-2672


More information about the SATLUG mailing list