Banning IPs

Hi,

I know this is a problem but I would like someone to point me to at
least good ressources on the net. Google hasn't helped me in a couple of
days.

I have a personal ftp server, used solely for family and close friends
(exchanging kids' pictures and work files). I am under constant attack
from what seems to be script kiddies who try dictionary attacks to no
avail at least 3 or 4 times a week (most IPs are Chinese and Russian,
though they might hide under proxies). All their IPs are automatically
banned by BulletProof at the 5th try, but this method has many limits.

Is there a way to make sure IPs (although that will not help with local
proxies, I know) that try to connect are only French and British IPs?
That would save me a lot of time.

Thanks for your help.

Sam

Hi
You can not ban any thing on the Internet per-se. The only control that you
have is what ever inside your Network pass your Modem.
In your case it is banned by the application. Since you did not describe the
rest of your system it is hard do know if you have any better spot that can
be set a filter.
In any case I think that to achieve such filtering you will have to buy a
special SOHO Internet Appliance that can filter by domains/IPs by wild
cards.
Example, http://www.sonicwall.com/us/Products_Solutions.html
Jack (MS, MVP-Networking).

"Samuel Marin" wrote in message
...
Hi,

I know this is a problem but I would like someone to point me to at least
good ressources on the net. Google hasn't helped me in a couple of days.

I have a personal ftp server, used solely for family and close friends
(exchanging kids' pictures and work files). I am under constant attack
from what seems to be script kiddies who try dictionary attacks to no
avail at least 3 or 4 times a week (most IPs are Chinese and Russian,
though they might hide under proxies). All their IPs are automatically
banned by BulletProof at the 5th try, but this method has many limits.

Is there a way to make sure IPs (although that will not help with local
proxies, I know) that try to connect are only French and British IPs?
That would save me a lot of time.

Thanks for your help.

Sam

Hi
You can not ban any thing on the Internet per-se. The only control that you
have is what ever inside your Network pass your Modem.
In your case it is banned by the application. Since you did not describe the
rest of your system it is hard do know if you have any better spot that can
be set a filter.
In any case I think that to achieve such filtering you will have to buy a
special SOHO Internet Appliance that can filter by domains/IPs by wild
cards.
Example, http://www.sonicwall.com/us/Products_Solutions.html
Jack (MS, MVP-Networking).

"Samuel Marin" wrote in message
...
Hi,

I know this is a problem but I would like someone to point me to at least
good ressources on the net. Google hasn't helped me in a couple of days.

I have a personal ftp server, used solely for family and close friends
(exchanging kids' pictures and work files). I am under constant attack
from what seems to be script kiddies who try dictionary attacks to no
avail at least 3 or 4 times a week (most IPs are Chinese and Russian,
though they might hide under proxies). All their IPs are automatically
banned by BulletProof at the 5th try, but this method has many limits.

Is there a way to make sure IPs (although that will not help with local
proxies, I know) that try to connect are only French and British IPs?
That would save me a lot of time.

Thanks for your help.

Sam

Hi,

Thanks for your suggestions.
I guess I was not clear enough. I do not want to block those connexions
before they ever reach my home. I am not that big. I'm just a father who
doesn't want his family to be too much disturbed. I suppose hardware
solutions are not an option.
What I asked was something like: Is it sensible to filter any IP not
from e.g. 245.*.*.* if this figure is France, for instance? Or is it
possible to achieve something like that dynamically, like interrogating
a whois service and blocking any IP not from this or that country? (In
my case only allowing connexions from France and UK.)

Thanks again.
Sam


Jack [MVP-Networking] a écrit :
Hi
You can not ban any thing on the Internet per-se. The only control that
you have is what ever inside your Network pass your Modem.
In your case it is banned by the application. Since you did not describe
the rest of your system it is hard do know if you have any better spot
that can be set a filter.
In any case I think that to achieve such filtering you will have to buy
a special SOHO Internet Appliance that can filter by domains/IPs by wild
cards.
Example, http://www.sonicwall.com/us/Products_Solutions.html
Jack (MS, MVP-Networking).

"Samuel Marin" wrote in message
...
Hi,

I know this is a problem but I would like someone to point me to at
least good ressources on the net. Google hasn't helped me in a couple
of days.

I have a personal ftp server, used solely for family and close friends
(exchanging kids' pictures and work files). I am under constant attack
from what seems to be script kiddies who try dictionary attacks to no
avail at least 3 or 4 times a week (most IPs are Chinese and Russian,
though they might hide under proxies). All their IPs are automatically
banned by BulletProof at the 5th try, but this method has many limits.

Is there a way to make sure IPs (although that will not help with
local proxies, I know) that try to connect are only French and British
IPs?
That would save me a lot of time.

Thanks for your help.

Sam

Hi,

Thanks for your suggestions.
I guess I was not clear enough. I do not want to block those connexions
before they ever reach my home. I am not that big. I'm just a father who
doesn't want his family to be too much disturbed. I suppose hardware
solutions are not an option.
What I asked was something like: Is it sensible to filter any IP not
from e.g. 245.*.*.* if this figure is France, for instance? Or is it
possible to achieve something like that dynamically, like interrogating
a whois service and blocking any IP not from this or that country? (In
my case only allowing connexions from France and UK.)

Thanks again.
Sam


Jack [MVP-Networking] a écrit :
Hi
You can not ban any thing on the Internet per-se. The only control that
you have is what ever inside your Network pass your Modem.
In your case it is banned by the application. Since you did not describe
the rest of your system it is hard do know if you have any better spot
that can be set a filter.
In any case I think that to achieve such filtering you will have to buy
a special SOHO Internet Appliance that can filter by domains/IPs by wild
cards.
Example, http://www.sonicwall.com/us/Products_Solutions.html
Jack (MS, MVP-Networking).

"Samuel Marin" wrote in message
...
Hi,

I know this is a problem but I would like someone to point me to at
least good ressources on the net. Google hasn't helped me in a couple
of days.

I have a personal ftp server, used solely for family and close friends
(exchanging kids' pictures and work files). I am under constant attack
from what seems to be script kiddies who try dictionary attacks to no
avail at least 3 or 4 times a week (most IPs are Chinese and Russian,
though they might hide under proxies). All their IPs are automatically
banned by BulletProof at the 5th try, but this method has many limits.

Is there a way to make sure IPs (although that will not help with
local proxies, I know) that try to connect are only French and British
IPs?
That would save me a lot of time.

Thanks for your help.

Sam

Samuel Marin wrote:
Hi,

Thanks for your suggestions.
I guess I was not clear enough. I do not want to block those connexions
before they ever reach my home. I am not that big. I'm just a father who
doesn't want his family to be too much disturbed. I suppose hardware
solutions are not an option.
What I asked was something like: Is it sensible to filter any IP not
from e.g. 245.*.*.* if this figure is France, for instance? Or is it
possible to achieve something like that dynamically, like interrogating
a whois service and blocking any IP not from this or that country? (In
my case only allowing connexions from France and UK.)


Have you looked at a software firewall application. Comodo, and
probably the others, allows you to set up a network that is invisible to
everyone but the networks you allow to see the computer.


Thanks again.
Sam


Jack [MVP-Networking] a écrit :
Hi
You can not ban any thing on the Internet per-se. The only control
that you have is what ever inside your Network pass your Modem.
In your case it is banned by the application. Since you did not
describe the rest of your system it is hard do know if you have any
better spot that can be set a filter.
In any case I think that to achieve such filtering you will have to
buy a special SOHO Internet Appliance that can filter by domains/IPs
by wild cards.
Example, http://www.sonicwall.com/us/Products_Solutions.html
Jack (MS, MVP-Networking).

"Samuel Marin" wrote in message
...
Hi,

I know this is a problem but I would like someone to point me to at
least good ressources on the net. Google hasn't helped me in a couple
of days.

I have a personal ftp server, used solely for family and close
friends (exchanging kids' pictures and work files). I am under
constant attack from what seems to be script kiddies who try
dictionary attacks to no avail at least 3 or 4 times a week (most IPs
are Chinese and Russian, though they might hide under proxies). All
their IPs are automatically banned by BulletProof at the 5th try, but
this method has many limits.

Is there a way to make sure IPs (although that will not help with
local proxies, I know) that try to connect are only French and
British IPs?
That would save me a lot of time.

Thanks for your help.

Sam

Samuel Marin wrote:
Hi,

Thanks for your suggestions.
I guess I was not clear enough. I do not want to block those connexions
before they ever reach my home. I am not that big. I'm just a father who
doesn't want his family to be too much disturbed. I suppose hardware
solutions are not an option.
What I asked was something like: Is it sensible to filter any IP not
from e.g. 245.*.*.* if this figure is France, for instance? Or is it
possible to achieve something like that dynamically, like interrogating
a whois service and blocking any IP not from this or that country? (In
my case only allowing connexions from France and UK.)


Have you looked at a software firewall application. Comodo, and
probably the others, allows you to set up a network that is invisible to
everyone but the networks you allow to see the computer.


Thanks again.
Sam


Jack [MVP-Networking] a écrit :
Hi
You can not ban any thing on the Internet per-se. The only control
that you have is what ever inside your Network pass your Modem.
In your case it is banned by the application. Since you did not
describe the rest of your system it is hard do know if you have any
better spot that can be set a filter.
In any case I think that to achieve such filtering you will have to
buy a special SOHO Internet Appliance that can filter by domains/IPs
by wild cards.
Example, http://www.sonicwall.com/us/Products_Solutions.html
Jack (MS, MVP-Networking).

"Samuel Marin" wrote in message
...
Hi,

I know this is a problem but I would like someone to point me to at
least good ressources on the net. Google hasn't helped me in a couple
of days.

I have a personal ftp server, used solely for family and close
friends (exchanging kids' pictures and work files). I am under
constant attack from what seems to be script kiddies who try
dictionary attacks to no avail at least 3 or 4 times a week (most IPs
are Chinese and Russian, though they might hide under proxies). All
their IPs are automatically banned by BulletProof at the 5th try, but
this method has many limits.

Is there a way to make sure IPs (although that will not help with
local proxies, I know) that try to connect are only French and
British IPs?
That would save me a lot of time.

Thanks for your help.

Sam