Welcome to AUXNET IRC Network




Idle on AUXnet a lot? Why not play our idlerpg game, you can check it out at #idleRPG - for more information visit the website http://idlerpg.auxnet.org

How do I block attackers IP with null routes ?

Attention: open in a new window. PDFPrintE-mail

Nullroute IP using route command

Suppose that bad IP is 123.123.123.123, type following command at shell:

# route add 123.123.123.123 gw 127.0.0.1 lo

You can verify it with following command:

# netstat -nr

OR

# route -n

You can also use reject target:

# route add -host IP-ADDRESS reject
# route add -host 123.123.123.123 reject

To confirm the null routing status, use ip command as follows:

# ip route get 123.123.123.123

Output:

RTNETLINK answers: Network is unreachable

Drop entire subnet 192.67.16.0/24:

# route add -net 192.67.16.0/24 gw 127.0.0.1 lo

You can also use the ip command to null route network or ip, enter:

# ip route add blackhole 123.123.123.123/29
# route -n

How do I remove null routing? How do I remove a blocked IP address?

Simple use the router delete command,

# route delete 123.123.123.123