block traceroute IP?

Sometimes there will be several IP addresses that spam my server, and it seems that most of them are coming from 1 source, but will slowly hit my server over time. Is there any way to block an IP coming from a traceroute? For example, this morning I got some spam from this IP. I trace route it and find that it's coming once again from domain.co.uk They do not have a website where I can report these IPs, so can I just use iptables or some other command to block 64.79.xx.xxx (domain.co.uk)?

>tracert 74.122.192.247

Tracing route to Chi.domaintoo.com [74.122.xxx.xx]
over a maximum of 30 hops:

[MY TRACEROUTE OUT HERE]
  8    45 ms    45 ms    47 ms  be-7922-ar01.elmhurst.il.chicago.comcast.net [68
.86.xx.xx]
  9    44 ms    47 ms    44 ms  te-0-7-0-7-sur01.beechgrove.in.indiana.comcast.n
et [68.86.xxx.xx]
 10    44 ms    44 ms    44 ms  xx-xxx-150-242-static.hfc.comcastbusiness.net [5
0.205.xxx.xxx]
 11    45 ms    44 ms    44 ms  domain.co.uk [64.79.xxx.xxx]
 12    92 ms    92 ms    91 ms  Chi.domaintoo.com [74.122.xxx.xxx]

Trace complete.

cPanelMichael

December 17, 2014 13:36

Hello :) Do you use a firewall management utility such as CSF? If so, you could block the IP address in CSF to prevent additional connections to your server. Thank you.

erfg1234

December 17, 2014 15:45

I use IPTables, can it be done using that?

December 17, 2014 20:03

Yes, you can manually block the entries using iptables if you prefer to manage the rules on your own. Thank you.

December 19, 2014 11:12

If I block the domain.co.uk [64.79.xxx.xxx] with iptables, their emails still go through. But installing CSF has definitely helped to protect my server. Within 1 day I have 50 IP addresses blocked that were trying to login using FTP!

December 19, 2014 15:29

You may need to modify your custom iptables rules or use CSF if traffic from those IP addresses is still reaching your email service. Thank you.

block traceroute IP?

Comments

Didn't find what you were looking for?