Allow unmetrered connections on networking is so risky. Attacker can use the brute-force attacks to comprosise your service (or simple DOS).
Linux has a cool firewall to hanlde this, via ip-tables. But it’s so complicated to remember all the rule and syntax. That’s why UFW was born to save us. :D
You can use simple command to manage your firewall
1 | $ ufw default deny incoming # deny any incoming port, should be run before allow any port |
Someday, you will be blocked by a firewall while trying crawling or accessing some website. The reason is they block your IP address from accessing the server.
One solution is using a web proxy (http proxy, socks4 or socks5) to bypass the firewall, by adding the middle-man server between you and target. It’s a bit unsecured but you could use for https site only.
Some HTTP Proxy supports https will stream TLS data from target to you (so don’t worry about proxy server can read you data). Btw, it only knows which domain and IP address you’re connecting.
To find a free proxy from the internet, try this service : https://gimmeproxy.com/
It provides a cool API to fetch new proxy from its database.
Example this endpoint will return JSON response including proxy anonymous, supports HTTPS, from Japan and minimum speed more than 100KB
1 | http://gimmeproxy.com/api/getProxy?anonymityLevel=1&supportsHttps=false&country=JP&minSpeed=100 |
In case you need more requests per day, try a subscription (cancelable and refundable). I tried last days, and really like their service (although I cancelled subscription b/c I don’t need proxy anymore).
Break the rules ! ;)
Last day I checked system logs and got a lot of warning messages mentioned that my server has been attack via Brute-force. So I decided to blocked some countries from connecting to attacked ports (21, 25). They are China, Russia and US.
This site provides a list of IP blocks of specified country
