Reply With QuoteI use a different port forwarding rule for each client.
In case of fire I just break that port and away she goes with no load on anything.
IP Block Arsehole Clients
Task: Rouge client ftp's client Dreambox extracts .cfg details then jumps from one user name to next as quick as I can ban, a big disruption!
TIP: Always use root password!
So I researched a veriaty of modem / routers, and found a popular router, typically used for gaming that has excellent IP inbound blocking feature it’s the D-Link DSL-G640T. Once set up it is a breeze to block any rouge inbound IP's.
| Look Here -> |
I use a different port forwarding rule for each client.
In case of fire I just break that port and away she goes with no load on anything.
Only problem with IP blocking, is if they are bhind a dynamic IP, it will just require a modem cycle, and normally you get a different IP address.Originally Posted by palmac
Now that's thinking outside the square!
More information,.. as I can't see how a port scan wouldn't defeat this ? Assuming you have other clients coming in to the same server/serving app without IP filtering ?
The way I see it, it would take a pretty good guess or a lot of trial and error to pick the correct client to the assigned port.
Eg each client has their own incoming port redirected to the server port.
Not worth the hassle for someone really.
Last edited by warbo; 13-07-08 at 07:14 PM. Reason: Add more info
yep....especially if the deskey is not the default one.
But i like to have fun with hackers so....
Setup a newcs server (with no sensible service) on a dummy pc on the network for a few days....then you can watch them knock themselves out trying to hack into it ...
just use default deskey, use Local Local, guest guest etc...
make it easy fro them to get in and let them chip away at it.
make it a slow PC as well....
Of course if you know their IP why not hack them back?
Also palmac if you care to post the offending IP I am sure a few people here would be happy to do some probeing for you...
I have an app that reroutes a port to anywhere you like.
I can put multiple lines in a cccam.cfg file for as many ports as you like.
Then i can change the rerouted port on the fly every hour to frustrate a hacker.
Newcs can be made to accept a password only from a specific IP as well.
If ID'd a big sloppy kiss and a slab of VB is in store for you bud. Just gives us your nearest bottle-o, I'll pay and have them leave it on the counter for you. The kiss is optional.yep....especially if the deskey is not the default one.
But i like to have fun with hackers so....
Setup a newcs server (with no sensible service) on a dummy pc on the network for a few days....then you can watch them knock themselves out trying to hack into it ...
just use default deskey, use Local Local, guest guest etc...
make it easy fro them to get in and let them chip away at it.
make it a slow PC as well....
Of course if you know their IP why not hack them back?
Also palmac if you care to post the offending IP I am sure a few people here would be happy to do some probeing for you...
122.107.178.119
This guy caused me dramas for weeks jumping all over my clients user names.
dont know who he is as I did not sell him the box directly. I'm told Optus ISP and is in Melbourne?
Yes dynamic IP but its still so easy to ID the bad IP and set in the filter. I'm not talking about a fllood of pricks. Just one or two. You can also set an IP range.
z80's method no doubt would work a treat but a lot of setting up if you have more than a hand full of clients. Most of the time clients are pretty good but the odd smart arse thinks he's got it beat.
A dd-wrt compatible router with Z80's method would be easy to maintain lots of clients. Since all routing table is all in a config file. dd-wrt also gives you automatic dynaic ip updating via a handful of providers. So no need to tell your clients your new IP address all the time.
Also get your clients to use dynamic IP service and you never have to update there new IP addresses either, when they do a modem reboot. They can run a simple onboot program that will update it for them automatically or they can do it manually on the dynamic IP providers website.
By reading this, you have already given me control over a tiny slice of your mind
Covert, nice one!
I know this is an old post however I am looking to see if I can block a problem with an incoming client request.
Apart from an IP address block or a port forward redirection on the router is there a setting for the Newcs server that might be able to do this.???
Just wondering if there has been any other methods available since this was discussed in this post over 2 years ago??
change the server port
Cheers
hi guys,whats the fix for the passwd not being able to be changed on a dreambox.i try to go telnet, passwd, and jumps to password not able to be changed.?
The first fix is - Dont hijack threads with off topic questions- start your own
the second fix is reflash the box
Dm500, DM5620, DM600 x2, DM7000 x1, DM7020, DM7025, DM800, VU+DUO and a partridge in a pear tree
All it takes for evil to prevail is for good men to do nothing
You can just take their user out of the Newcs.xml
But that doesnt kill the traffic.
You can swap to Oscam server - I see some interesting stuff in there about sending fake ecms to clients with more than one login....
If it was me - I woul djust block there Ip at the router.. save your dreambox for what its supposed to do
Dm500, DM5620, DM600 x2, DM7000 x1, DM7020, DM7025, DM800, VU+DUO and a partridge in a pear tree
All it takes for evil to prevail is for good men to do nothing
Posting Permissions
Bookmarks