[ale] [OT] Chinese brute-force network?

Alex Carver agcarver+ale at acarver.net
Thu May 29 16:59:30 EDT 2014


On 2014-05-29 13:48, Chuck Payne wrote:
> If it helps, here are the ones attacking lately
> 
> 
> Attempts116.10.191
> 40
> 61.174.51
> 34
> 119.188.7
> 9
> 

I block whole swaths of netblocks anytime someone does a probe or attack
like this.  My iptables drop list currently has over 250 lines of CIDR
entries with most being a minimum netblock size of /15.  I can send you
the list if you want it to drop on your system.


I don't have 116.10 but I do have a couple 116 entries already loaded.
Two of them are China (116.76.0.0/15 and 116.255.128.0/17) and one in
Pakistan (116.71.0.0/16).  They make it to the list if they've been
probing steadily for a couple days.


More information about the Ale mailing list