[Cerowrt-devel] blocking probes...

Török Edwin edwin+ml-cerowrt at etorok.net
Mon Jan 28 10:44:14 EST 2013


On 01/13/2013 11:15 AM, Török Edwin wrote:
> On 01/13/2013 06:50 AM, Dave Taht wrote:
>> one of the underused features of cerowrt is that I stuck a sensor on
>> xinetd to detect attempts to telnet or ftp to the router and cut off
>> access to some other services, notably ssh.
> 
> I don't see this on my cerowrt, is this only in the 3.7.x series?
> 
>>
>> I would have loved to extend this facility to either do it entirely in
>> iptables or leverage xinetd to talk to iptables to (for example)
>> disable access to the web server.
>>
>> I'm curious if anyone elses server logs ever show something like this
>> in the Real World:
>>
>> Jan 12 20:44:02 europa daemon.crit xinetd[3273]: 3273 {process_sensor}
>> Adding 190.185.12.121 to the global_no_access list for 120 minutes

With 3.7.4 I see these now on my home router, so its definetely working:
root at OpenWrt:~# logread|grep xinetd|grep Adding|wc -l
20

The IPs are from Russia, Peru, Colombia, Egypt, UK, Kuwait, Turkey, Azerbaijan.


Best regards,
--Edwin



More information about the Cerowrt-devel mailing list