| Author |
Message |
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
 Posted:
Tue Jun 13, 2006 10:49 pm |
|
Code:deny from 62.29.0.0/17
deny from 62.56.128.0/22
deny from 62.85.128.0/19
deny from 62.108.64.0/19
deny from 62.113.0.0/19
deny from 62.184.58.0/27
deny from 62.185.166.64/26
deny from 62.184.178.96/29
deny from 62.186.77.0/26
deny from 62.201.192.0/18
deny from 62.229.128.0/24
deny from 62.229.130.0/24
deny from 62.244.192.0/18
deny from 62.248.0.0/17
deny from 64.18.138.0/24
deny from 64.28.128.0/20
deny from 65.182.7.0/24
deny from 66.178.5.0/24
deny from 66.178.52.0/24
deny from 66.205.36.0/22
deny from 69.30.204.0/23
deny from 80.71.128.0/20
deny from 80.88.138.224/27
deny from 80.88.141.160/27
deny from 80.251.0.0/20
deny from 80.251.32.0/20
deny from 81.6.64.0/18
deny from 81.8.0.0/17
deny from 81.21.160.0/20
deny from 81.22.97.0/24
deny from 81.31.193.224/29
deny from 81.31.195.112/29
deny from 81.31.195.136/29
deny from 81.31.195.216/30
deny from 81.31.196.172/30
deny from 81.31.197.16/29
deny from 81.31.197.64/30
deny from 81.31.197.128/30
deny from 81.31.198.152/29
deny from 81.31.198.216/29
deny from 81.31.199.72/29
deny from 81.31.199.140/30
deny from 81.31.199.160/29
deny from 81.31.200.64/29
deny from 81.31.200.76/30
deny from 81.212.0.0/14
deny from 82.145.224.0/19
deny from 82.151.128.0/19
deny from 82.222.0.0/16
deny from 83.66.0.0/16
deny from 83.166.48.0/28
deny from 84.11.37.192/26
deny from 84.17.64.0/19
deny from 84.44.0.0/17
deny from 84.51.0.0/18
deny from 85.96.0.0/12
deny from 85.153.0.0/16
deny from 85.158.96.0/21
deny from 85.159.64.0/21
deny from 85.235.64.0/24
deny from 86.108.128.0/17
deny from 139.179.0.0/16
deny from 144.122.0.0/16
deny from 155.223.0.0/16
deny from 160.75.0.0/16
deny from 161.9.0.0/16
deny from 168.139.0.0/16
deny from 192.70.133.0/23
deny from 192.129.87.0/24
deny from 192.160.21.0/24
deny from 193.23.156.0/24
deny from 193.25.124.0/23
deny from 193.41.2.0/23
deny from 193.42.216.0/24
deny from 193.95.0.0/17
deny from 193.108.213.0/24
deny from 193.109.134.0/23
deny from 193.110.170.0/23
deny from 193.110.208.0/21
deny from 193.140.0.0/16
deny from 193.178.218.0/24
deny from 193.188.198.0/23
deny from 193.192.96.0/19
deny from 193.201.149.192/26
deny from 193.201.157.0/25
deny from 193.218.113.0/24
deny from 193.218.200.0/24
deny from 193.219.208.0/30
deny from 193.220.68.0/24
deny from 193.243.192.0/19
deny from 193.254.228.0/23
deny from 193.254.252.0/23
deny from 193.255.0.0/16
deny from 194.9.174.0/24
deny from 194.24.224.0/23
deny from 194.27.0.0/16
deny from 194.29.208.0/21
deny from 194.54.32.0/19
deny from 194.67.205.0/23
deny from 194.69.206.0/24
deny from 194.117.97.172/30
deny from 194.117.110.80/28
deny from 194.117.113.72/30
deny from 194.117.114.4/30
deny from 194.117.118.40/30
deny from 194.117.119.4/32
deny from 194.117.119.18/32
deny from 194.117.119.20/32
deny from 194.117.119.22/32
deny from 194.117.119.24/32
deny from 194.117.119.27/32
deny from 194.117.119.34/32
deny from 194.117.119.53/32
deny from 194.117.119.55/32
deny from 194.117.119.58/32
deny from 194.117.119.61/32
deny from 194.117.119.73/32
deny from 194.117.119.76/32
deny from 194.117.119.80/32
deny from 194.117.119.86/32
deny from 194.117.119.93/31
deny from 194.117.119.96/32
deny from 194.117.119.99/31
deny from 194.117.119.108/32
deny from 194.117.120.15/32
deny from 194.117.120.114/32
deny from 194.117.120.233/32
deny from 194.117.121.30/32
deny from 194.117.121.70/32
deny from 194.117.121.96/32
deny from 194.117.121.101/32
deny from 194.117.121.168/32
deny from 194.117.121.192/31
deny from 194.117.121.217/32
deny from 194.125.232.0/22
deny from 194.126.230.0/24
deny from 194.133.65.0/24
deny from 194.133.160.0/20
deny from 194.133.240.0/23
deny from 194.133.251.0/24
deny from 194.133.253.0/28
deny from 194.133.255.0/24
deny from 194.242.32.0/24
deny from 195.8.109.0/24
deny from 195.33.192.0/18
deny from 195.39.224.0/23
deny from 195.46.128.0/19
deny from 195.49.216.0/21
deny from 195.64.128.0/18
deny from 195.74.32.0/19
deny from 195.75.202.0/26
deny from 195.75.202.128/25
deny from 195.75.222.0/28
deny from 195.75.222.24/29
deny from 195.75.222.160/27
deny from 195.75.236.0/28
deny from 195.75.236.96/29
deny from 195.75.236.112/28
deny from 195.75.238.0/25
deny from 195.79.199.192/29
deny from 195.79.204.192/27
deny from 195.85.242.0/24
deny from 195.85.255.0/24
deny from 195.87.0.0/16
deny from 195.112.128.0/19
deny from 195.112.160.16/30
deny from 195.112.166.12/30
deny from 195.112.166.52/30
deny from 195.112.166.60/30
deny from 195.112.166.68/29
deny from 195.112.166.80/30
deny from 195.128.32.0/21
deny from 195.128.254.0/23
deny from 195.137.222.0/23
deny from 195.140.196.0/22
deny from 195.142.0.0/16
deny from 195.149.85.0/24
deny from 195.149.116.0/24
deny from 195.155.0.0/16
deny from 195.174.0.0/15
deny from 195.177.206.0/23
deny from 195.177.230.0/23
deny from 195.183.236.192/26
deny from 195.212.230.0/24
deny from 195.212.244.8/29
deny from 195.213.69.144/28
deny from 195.214.128.0/18
deny from 195.234.165.0/24
deny from 195.242.122.0/23
deny from 195.244.32.0/19
deny from 195.245.227.0/24
deny from 195.254.128.0/19
deny from 196.3.132.0/20
deny from 196.29.64.0/19
deny from 196.32.32.0/19
deny from 196.203.0.0/16
deny from 199.89.210.0/24
deny from 200.3.176.0/21
deny from 200.9.216.0/24
deny from 200.108.0.0/19
deny from 201.238.64.0/18
deny from 209.94.192.0/19
deny from 212.2.192.0/19
deny from 212.12.128.0/19
deny from 212.15.0.0/19
deny from 212.21.197.240/29
deny from 212.29.64.0/18
deny from 212.31.0.0/19
deny from 212.33.0.0/19
deny from 212.45.64.0/19
deny from 212.48.224.0/19
deny from 212.50.32.0/19
deny from 212.57.0.0/19
deny from 212.58.0.0/19
deny from 212.63.170.168/30
deny from 212.63.172.212/30
deny from 212.63.172.224/30
deny from 212.63.180.0/30
deny from 212.63.180.8/30
deny from 212.63.180.16/30
deny from 212.63.180.28/30
deny from 212.63.180.40/29
deny from 212.63.180.56/30
deny from 212.63.180.68/30
deny from 212.63.180.84/30
deny from 212.63.180.92/30
deny from 212.63.180.108/29
deny from 212.63.180.120/29
deny from 212.63.180.200/30
deny from 212.64.192.0/19
deny from 212.65.128.0/19
deny from 212.79.96.0/22
deny from 212.79.122.0/23
deny from 212.98.0.0/19
deny from 212.98.192.0/18
deny from 212.101.96.0/19
deny from 212.108.128.0/19
deny from 212.109.96.0/19
deny from 212.109.224.0/19
deny from 212.115.0.0/19
deny from 212.125.0.0/19
deny from 212.127.96.0/19
deny from 212.133.128.0/17
deny from 212.146.128.0/17
deny from 212.154.0.0/17
deny from 212.156.0.0/16
deny from 212.174.0.0/15
deny from 212.252.0.0/15
deny from 213.14.0.0/16
deny from 213.31.190.48/28
deny from 213.31.223.144/28
deny from 213.43.0.0/16
deny from 213.62.14.64/26
deny from 213.62.40.192/26
deny from 213.74.0.0/16
deny from 213.138.0.0/19
deny from 213.139.192.0/18
deny from 213.143.224.0/19
deny from 213.144.96.0/19
deny from 213.148.64.0/19
deny from 213.150.160.0/19
deny from 213.153.128.0/17
deny from 213.155.96.0/19
deny from 213.159.32.0/19
deny from 213.161.128.0/19
deny from 213.181.38.192/26
deny from 213.186.128.0/19
deny from 213.194.64.0/18
deny from 213.202.0.0/19
deny from 213.204.64.0/18
deny from 213.208.3.192/29
deny from 213.208.39.0/24
deny from 213.209.169.144/29
deny from 213.232.0.0/18
deny from 213.236.32.0/19
deny from 213.238.128.0/18
deny from 213.243.0.0/18
deny from 213.248.128.0/18
deny from 213.254.128.0/19
deny from 216.139.188.192/27
deny from 217.17.144.0/20
deny from 217.21.68.0/22
deny from 217.23.110.96/27
deny from 217.31.224.0/19
deny from 217.64.144.0/20
deny from 217.64.208.0/20
deny from 217.68.208.0/20
deny from 217.77.241.113/32
deny from 217.77.241.218/32
deny from 217.77.242.169/32
deny from 217.77.246.192/30
deny from 217.131.0.0/16
deny from 217.138.38.248/29
deny from 217.169.192.0/20
deny from 217.173.157.128/28
deny from 217.173.157.192/27
deny from 217.173.158.64/27
deny from 217.174.32.0/20
deny from 217.174.224.0/20
deny from 217.194.135.160/28
deny from 217.195.192.0/20
|
|
Last edited by Raven on Sun Jun 25, 2006 3:51 pm; edited 1 time in total |
|
|
|
hitwalker
Sells PC To Pay For Divorce
Joined:
Posts: 5661
|
| Posted:
Wed Jun 14, 2006 6:10 am |
|
very nice raven....thank you....
this is such a bestseller i put it in my forums to....  |
| |
|
|
|
|
fkelly
Former Moderator in Good Standing
Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY
|
| Posted:
Wed Jun 14, 2006 6:25 am |
|
Just looking on my site this morning and saw a "suspicious" IP: 88.240.138.27
Looking it up on dnstuff.com
% Information related to '88.240.0.0 - 88.240.255.255'
inetnum: 88.240.0.0 - 88.240.255.255
netname: TurkTelekom
I'm not very good on CIDR arithmetic but it doesn't look like it would be included in your list? |
| |
|
|
|
Raven
|
| Posted:
Wed Jun 14, 2006 7:05 am |
|
Sure does. Send it over to Bob Marion to include in the next update. Thanks!
Deny from 88.240.0.0/16 |
| |
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam
|
| Posted:
Wed Jun 14, 2006 8:31 am |
|
Pity we cannot block based on NetName, we would only need one entry. |
| |
|
|
|
hitwalker
|
| Posted:
Wed Jun 14, 2006 9:04 am |
|
my thought indeed...
but...another question rises...
how large can we make a htaccess ?
Cause mine is about 72kb ,that includes banned ip and rewrite rules. |
| |
|
|
|
|
Raven
|
| Posted:
Wed Jun 14, 2006 9:47 am |
|
|
|
|
|
Raven
|
| Posted:
Wed Jun 14, 2006 10:21 am |
|
|
|
|
|
Guardian2003
|
| Posted:
Wed Jun 14, 2006 12:08 pm |
|
Thanks Raven, that is certainly interesting. Something like this would save Bob a ton of work! |
| |
|
|
|
|
hitwalker
|
| Posted:
Wed Jun 14, 2006 12:15 pm |
|
yes...its a nice playground... |
| |
|
|
|
|
Virgin_Steel
Worker
Joined: Sep 30, 2004
Posts: 108
Location: Sf
|
| Posted:
Sun Jun 25, 2006 2:54 pm |
|
| fkelly wrote: | Just looking on my site this morning and saw a "suspicious" IP: 88.240.138.27
Looking it up on dnstuff.com
% Information related to '88.240.0.0 - 88.240.255.255'
inetnum: 88.240.0.0 - 88.240.255.255
netname: TurkTelekom
I'm not very good on CIDR arithmetic but it doesn't look like it would be included in your list? |
My site has been hacked by Query in Search Module from 88.224.202.147 , can anyone help me to download the patch from here http://securityreason.com/download/1/6 because the file in this download is broken, but i want to fix this.The site has been hacked in this way http://securitydot.net/xpl/exploits/vulnerabilities/articles/580/exploit.html ... They stole one of my admin's account.
SOrry for the offtopic , maybe it was better to post new one topic, but it's connected with the Turkey's attack. |
| |
|
 
  |
|
hitwalker
|
| Posted:
Sun Jun 25, 2006 3:12 pm |
|
you shouldnt download these but stick to the patched nuke versions...
the how,what,where,..info can be found around the whole site...not to mention a dozen other sites..... |
| |
|
|
|
|
Ariannus
New Member
Joined: Nov 23, 2004
Posts: 4
|
| Posted:
Thu Jun 29, 2006 11:14 pm |
|
>.< we just got hacked by a turk, he used 85.99.207.154 first, nukesentinal blocked him, then he tried again on 85.181.34.109 and got us.. he seemed to want us to send him an email telling him how well he did since he left a mail addrs and a how leet are we! msg. |
| |
|
|
|
|
synaptyx
Hangin' Around
Joined: Jul 20, 2006
Posts: 41
|
| Posted:
Fri Aug 04, 2006 5:49 am |
|
How about banning russia? |
| |
|
|
|
|
evaders99
Former Moderator in Good Standing
Joined: Apr 30, 2004
Posts: 3221
|
| Posted:
Sun Aug 13, 2006 10:01 am |
|
NukeSentinel along with the latest IP2Country tables should get any country you need |
_________________
- Only registered users can see links on this board! Get registered or login! -
Need help? Only registered users can see links on this board! Get registered or login! |
|
|
|
|
synaptyx
|
| Posted:
Sun Aug 13, 2006 2:11 pm |
|
Sweet. I'm a n00b, so apologies for lameness.  |
| |
|
|
|
|
djrino
Regular
Joined: Mar 11, 2005
Posts: 52
|
| Posted:
Mon Oct 02, 2006 3:42 pm |
|
Hi
my site was hacked from turkey http://www.sniperteam.org/
now my questions..
this guis have gained access to my cpanel and have putted my site to the trash..
now i have reloaded my site and one day i have received a blank page..
i have viewed my site with the ftp program and i see only the directory but all .php files ave gone deleted.... it s possible to an hacker make this?
the hacker have gained the control of my cpanel not for a bug on my phpnuke site but waht? becouse i have all patch installed and running the last version of sentinel.
but my questions is..
depending or not to my phpnuke site with this metod i ban all turkey?
Many tnx |
| |
|
|
|
|
evaders99
|
| Posted:
Mon Oct 02, 2006 5:09 pm |
|
Yes it is possible they got access to your cpanel. If you still have access logs, maybe you can determine how they got in. (However if your cpanel was attacked directly, it may be other server logs that you need to search).
Go ahead and ban all of Turkey. It will save you a lot of trouble |
| |
|
|
|
|
Raven
|
| Posted:
Mon Oct 02, 2006 8:03 pm |
|
He probably did not gain access to your cPanel. He probably used an exploit in phpbb (or some other known exploit) and deleted your files. |
| |
|
|
|
|
djrino
|
| Posted:
Tue Oct 03, 2006 7:12 am |
|
Many tnx for answer..
only one questions becouse i'm not a programer..
the .htaccess with these ips i can put it on my public_htm righ?
many tnx for all
Rino |
| |
|
|
|
|
fkelly
|
| Posted:
Tue Oct 03, 2006 7:50 am |
|
You can put the .htaccess in public_html, yes.
Just be aware that banning a specific list of IP's, while it's a start, does not give you total or even nearly total security. Hackers can fake an IP address. You need to have Sentinel installed and properly configured in addition. Also, you should probably be using Sentinel's IP2country facilities to ban countries ... Russia, Turkey, Brazil come to mind off the top, unless you have clients or users there. And there are threads here that you can search on about immunizing yourself to the current PHPBB attacks that are taking place. |
| |
|
|
|
|
djrino
|
| Posted:
Tue Oct 03, 2006 7:55 am |
|
Many tnx
Yes i have the last version of sentinel i dont say but for me sentinel is configured good, becouse i have serched a tutorial or manula how to configure it but no result...
Yes i have installed IP2country and now i ban a turkey..
about PHPBB im searching now on this site any topic about this..
many tnx for your time |
| |
|
|
|
|
Raven
|
| Posted:
Tue Oct 03, 2006 9:02 am |
|
Try this:
Only registered users can see links on this board! Get registered or login! |
| |
|
|
|
|
djrino
|
| Posted:
Tue Oct 03, 2006 9:14 am |
|
Hi Raven
yes i heve followed this steps
Only registered users can see links on this board! Get registered or login!
and the crypt
Only registered users can see links on this board! Get registered or login!
All work Good
now im searching how to viev the version of my phpbb and upgrade manually
Many tnx
Rino |
| |
|
|
|
|
Truden
New Member
Joined: Dec 14, 2004
Posts: 18
Location: Johannesburg/South Africa
|
| Posted:
Tue Oct 03, 2006 9:26 am |
|
Guys, why not ban Russia, China, North Korea and the whole former eastern block 
I'm sure there are some more that you could think of...
Do you think that everybody in Turkey hate you and your web site???
I was hacked two times from islamic hackers, and the attacks came from Turkey, but few days ago I had attack from Germany.
So if few more "German" attempts come must I ban Germany!?
You can not stop hatred with hatred.
That is the way to multiply it.
Work harder on your web site and on your Love.
There are no bad people and nations - there is bad understanding. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
