1. Block an IP address or an IP range with Iptables
To block a hacker, you need to block its IP address in the firewall on your Linux server.
For this, we will use iptables to block incoming traffic from the IP address “xx.xx.xx.xx” (where xx.xx.xx.xx is the IP address of the hacker).
Code : Bash
|
1
|
iptables -I INPUT -s xx.xx.xx.xx -j DROP |
If the hacker uses an IP range (for example : 10.0.0.10, 10.0.0.11, 10.0.0.12, … 10.0.0.20), simply use this command :
Code : Bash
|
1
|
iptables -I INPUT -m iprange --src-range 10.0.0.10-10.0.0.20 -j DROP |
If you want to block the outgoing connection (your server => other servers) to an IP range, use the “–dst-range” parameter instead of the “–src-range” parameter.
Thus, your server will no longer be able to send data to this IP range.
Code : Bash
|
1
|
iptables -I INPUT -m iprange --dst-range 10.0.0.10-10.0.0.20 -j DROP |