IP Address Ranges for Countries

If you need to know which IP address ranges are allocated to an entire country, you can download a per-country list from the IPdeny website. This is useful if you want to block a whole country from reaching your server with a firewall rule, for example the hosts in China that hammer your SSH or web server looking for exploits.

Each list is a plain text file with one address range per line in CIDR notation. Because the file is plain text and the notation is standard, parsing it with a script is easy. The lists are updated fairly often. Here is the direct link to download them: http://www.ipdeny.com/ipblocks/


How to Block an IP Range with IPTables

If you want to block a range of IP addresses from accessing your CentOS server you can issue the following IPTables firewall command:

/sbin/iptables -I INPUT -m iprange --src-range 192.168.1.1-192.168.1.100 -j DROP

Replace “192.168.1.1-192.168.1.100” with the IP range you want to block. This command only works with the IPTables firewall; if your operating system uses a different firewall, it will not work.

Here is another example which uses CIDR notation to specify the IP range (a /25 covers 128 addresses; iptables masks off the host bits, so 192.168.1.1/25 is stored as 192.168.1.0/25):

/sbin/iptables -I INPUT -s 192.168.1.1/25 -j DROP

If you restart your server, the drop rule is lost, because iptables rules live only in kernel memory. If you want it to persist through reboots, add the command to a startup script, or on CentOS run /sbin/service iptables save so the running rules are written to /etc/sysconfig/iptables and restored by the iptables init script at boot.
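As an added example (not code from the original post) covering both the zone-file parsing mentioned above and the CIDR form of the DROP rule: a POSIX sh script that validates every line of an IPdeny-style list and generates the matching iptables rules for a dedicated chain, so a typo like 192.168.1.2.100 is rejected instead of reaching the firewall. The zone file it reads is constructed sample data, and the chain name COUNTRYBLOCK is an assumption.

```shell
#!/bin/sh
# Added example: build iptables DROP rules from an IPdeny-style zone file.
# The zone file below is constructed sample data, not real allocations; in
# practice pass the path of a per-country file downloaded from
# http://www.ipdeny.com/ipblocks/ to gen_rules instead.
ZONE=$(mktemp)
cat > "$ZONE" <<'EOF'
# constructed sample zone file
10.0.0.0/8
192.168.1.0/25
192.168.1.1-192.168.1.2.100
172.16.0.0/12
EOF

# is_cidr: succeed only if $1 is a.b.c.d/n with octets 0-255 and prefix 0-32.
is_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    ip=${1%/*}; prefix=${1#*/}
    case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case "$ip" in .*|*.|*..*) return 1 ;; esac   # reject empty octets
    oldifs=$IFS; IFS=.; set -f; set -- $ip; set +f; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# gen_rules ZONEFILE [CHAIN]: print the iptables commands for review (pipe the
# output into sh to apply). Comments and blank lines are skipped, invalid
# lines go to stderr; a separate chain can be rebuilt without touching INPUT.
gen_rules() {
    zone=$1; chain=${2:-COUNTRYBLOCK}
    printf '/sbin/iptables -N %s 2>/dev/null\n' "$chain"   # ok if it exists
    printf '/sbin/iptables -F %s\n' "$chain"
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in ''|'#'*) continue ;; esac
        if is_cidr "$line"; then
            printf '/sbin/iptables -A %s -s %s -j DROP\n' "$chain" "$line"
        else
            printf 'skipping invalid line: %s\n' "$line" >&2
        fi
    done < "$zone"
    printf '/sbin/iptables -D INPUT -j %s 2>/dev/null\n' "$chain"  # drop old jump
    printf '/sbin/iptables -I INPUT 1 -j %s\n' "$chain"
}

gen_rules "$ZONE"
```

Review the printed commands before applying them, and remember that the generated rules still need saving (see above) to survive a reboot.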

How to Change the Port on NX Server

NX Server is a commercial application released by the company NoMachine. It allows you to connect to your Linux server similar to how you would connect to a Windows computer using remote desktop. NoMachine offers a free version of the product which has a restriction of only allowing 2 simultaneous connections to the server. NX Server runs over SSH so you don’t need to open any other ports on your firewall other than the port for the SSH service.

It is considered a good security practice to change the default port the SSH service listens on. When you change this port it breaks the NX Server service, since it expects the SSH service to be running on the default port of 22. You can fix NX Server by modifying the following file:

/usr/NX/etc/server.cfg

Set the following settings in the file:

SSHDPort = "22"
SSHDAuthPort = "22"

Change “22” to whatever port your SSH service is now listening on. You’ll then need to restart the NX Server service to put the changes into effect:

/etc/init.d/nxserver restart

NOTE: The instructions above were tested on a Linux Red Hat 5 server.