Hi,

I know this is a problem but I would like someone to point me to at
least good ressources on the net. Google hasn't helped me in a couple of
days.

I have a personal ftp server, used solely for family and close friends
(exchanging kids' pictures and work files). I am under constant attack
from what seems to be script kiddies who try dictionary attacks to no
avail at least 3 or 4 times a week (most IPs are Chinese and Russian,
though they might hide under proxies). All their IPs are automatically
banned by BulletProof at the 5th try, but this method has many limits.

Is there a way to make sure IPs (although that will not help with local
proxies, I know) that try to connect are only French and British IPs?
That would save me a lot of time.

Thanks for your help.

Sam

Hi
You can not ban any thing on the Internet per-se. The only control that you
have is what ever inside your Network pass your Modem.
In your case it is banned by the application. Since you did not describe the
rest of your system it is hard do know if you have any better spot that can
be set a filter.
In any case I think that to achieve such filtering you will have to buy a
special SOHO Internet Appliance that can filter by domains/IPs by wild
cards.
Example, http://www.sonicwall.com/us/Products_Solutions.html
Jack (MS, MVP-Networking).

"Samuel Marin" <(E-Mail Removed)> wrote in message
news:4afbe6a2$0$973$(E-Mail Removed)...
> Hi,
>
> I know this is a problem but I would like someone to point me to at least
> good ressources on the net. Google hasn't helped me in a couple of days.
>
> I have a personal ftp server, used solely for family and close friends
> (exchanging kids' pictures and work files). I am under constant attack
> from what seems to be script kiddies who try dictionary attacks to no
> avail at least 3 or 4 times a week (most IPs are Chinese and Russian,
> though they might hide under proxies). All their IPs are automatically
> banned by BulletProof at the 5th try, but this method has many limits.
>
> Is there a way to make sure IPs (although that will not help with local
> proxies, I know) that try to connect are only French and British IPs?
> That would save me a lot of time.
>
> Thanks for your help.
>
> Sam

Hi,

Thanks for your suggestions.
I guess I was not clear enough. I do not want to block those connexions
before they ever reach my home. I am not that big. I'm just a father who
doesn't want his family to be too much disturbed. I suppose hardware
solutions are not an option.
What I asked was something like: Is it sensible to filter any IP not
from e.g. 245.*.*.* if this figure is France, for instance? Or is it
possible to achieve something like that dynamically, like interrogating
a whois service and blocking any IP not from this or that country? (In
my case only allowing connexions from France and UK.)

Thanks again.
Sam


Jack [MVP-Networking] a écrit :
> Hi
> You can not ban any thing on the Internet per-se. The only control that
> you have is what ever inside your Network pass your Modem.
> In your case it is banned by the application. Since you did not describe
> the rest of your system it is hard do know if you have any better spot
> that can be set a filter.
> In any case I think that to achieve such filtering you will have to buy
> a special SOHO Internet Appliance that can filter by domains/IPs by wild
> cards.
> Example, http://www.sonicwall.com/us/Products_Solutions.html
> Jack (MS, MVP-Networking).
>
> "Samuel Marin" <(E-Mail Removed)> wrote in message
> news:4afbe6a2$0$973$(E-Mail Removed)...
>> Hi,
>>
>> I know this is a problem but I would like someone to point me to at
>> least good ressources on the net. Google hasn't helped me in a couple
>> of days.
>>
>> I have a personal ftp server, used solely for family and close friends
>> (exchanging kids' pictures and work files). I am under constant attack
>> from what seems to be script kiddies who try dictionary attacks to no
>> avail at least 3 or 4 times a week (most IPs are Chinese and Russian,
>> though they might hide under proxies). All their IPs are automatically
>> banned by BulletProof at the 5th try, but this method has many limits.
>>
>> Is there a way to make sure IPs (although that will not help with
>> local proxies, I know) that try to connect are only French and British
>> IPs?
>> That would save me a lot of time.
>>
>> Thanks for your help.
>>
>> Sam
>

Samuel Marin wrote:
> Hi,
>
> Thanks for your suggestions.
> I guess I was not clear enough. I do not want to block those connexions
> before they ever reach my home. I am not that big. I'm just a father who
> doesn't want his family to be too much disturbed. I suppose hardware
> solutions are not an option.
> What I asked was something like: Is it sensible to filter any IP not
> from e.g. 245.*.*.* if this figure is France, for instance? Or is it
> possible to achieve something like that dynamically, like interrogating
> a whois service and blocking any IP not from this or that country? (In
> my case only allowing connexions from France and UK.)
>

Have you looked at a software firewall application. Comodo, and
probably the others, allows you to set up a network that is invisible to
everyone but the networks you allow to see the computer.


> Thanks again.
> Sam
>
>
> Jack [MVP-Networking] a écrit :
>> Hi
>> You can not ban any thing on the Internet per-se. The only control
>> that you have is what ever inside your Network pass your Modem.
>> In your case it is banned by the application. Since you did not
>> describe the rest of your system it is hard do know if you have any
>> better spot that can be set a filter.
>> In any case I think that to achieve such filtering you will have to
>> buy a special SOHO Internet Appliance that can filter by domains/IPs
>> by wild cards.
>> Example, http://www.sonicwall.com/us/Products_Solutions.html
>> Jack (MS, MVP-Networking).
>>
>> "Samuel Marin" <(E-Mail Removed)> wrote in message
>> news:4afbe6a2$0$973$(E-Mail Removed)...
>>> Hi,
>>>
>>> I know this is a problem but I would like someone to point me to at
>>> least good ressources on the net. Google hasn't helped me in a couple
>>> of days.
>>>
>>> I have a personal ftp server, used solely for family and close
>>> friends (exchanging kids' pictures and work files). I am under
>>> constant attack from what seems to be script kiddies who try
>>> dictionary attacks to no avail at least 3 or 4 times a week (most IPs
>>> are Chinese and Russian, though they might hide under proxies). All
>>> their IPs are automatically banned by BulletProof at the 5th try, but
>>> this method has many limits.
>>>
>>> Is there a way to make sure IPs (although that will not help with
>>> local proxies, I know) that try to connect are only French and
>>> British IPs?
>>> That would save me a lot of time.
>>>
>>> Thanks for your help.
>>>
>>> Sam
>>