[ale] [OT] Chinese brute-force network?
Alex Carver
agcarver+ale at acarver.net
Thu May 29 16:59:30 EDT 2014
On 2014-05-29 13:48, Chuck Payne wrote:
> If it helps, here are the ones attacking lately
>
>
> Attempts116.10.191
> 40
> 61.174.51
> 34
> 119.188.7
> 9
>
I block whole swaths of netblocks anytime someone does a probe or attack
like this. My iptables drop list currently has over 250 lines of CIDR
entries with most being a minimum netblock size of /15. I can send you
the list if you want it to drop on your system.
I don't have 116.10 but I do have a couple 116 entries already loaded.
Two of them are China (116.76.0.0/15 and 116.255.128.0/17) and one in
Pakistan (116.71.0.0/16). They make it to the list if they've been
probing steadily for a couple days.
More information about the Ale
mailing list