Date: Wed, 24 Aug 2005 07:50:13 -0400 From: Hornet <hornetmadness@gmail.com> To: Michael Dale <mdale@dalegroup.net> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Illegal access attempt - FreeBSD 5.4 Release - please advise Message-ID: <f42935a605082404505a82799d@mail.gmail.com> In-Reply-To: <430C5CAC.4050705@dalegroup.net> References: <20050824042234.12260.qmail@web34103.mail.mud.yahoo.com> <f42935a6050824042834ff3a71@mail.gmail.com> <430C5CAC.4050705@dalegroup.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 8/24/05, Michael Dale <mdale@dalegroup.net> wrote: >=20 > >Also, most if not all of the blocks below are Asia netblocks that I > >have had more then 3 attempts to gain access to my servers. > > > >220.0.0.0/8 > >202.0.0.0/7 > >134.208.0.0/16 > >218.0.0.0/8 > >210.0.0.0/7 > >221.0.0.0/8 > >219.0.0.0/8 > >195.116.0.0/16 > >59.0.0.0/8 > >195.133.91.0/24 > >222.0.0.0/8 > > > > > > > Not always a good idea. A lot of Australian users have been having > issues because of people doing this. More info here: > http://forums.whirlpool.net.au/forum-replies.cfm?t=3D324246#r2 >=20 >=20 You are right, its not a good idea, but when they attempt access I email the logs and and a nice email (NOT a 3 page complaint followed by demands and treat of legal recourse (I work at a large ISP so I know)) I get no where, those ISP's are leave me no other choice. I should also state that I remove the netblocks from my blackhole list about every 3 months, but the same blocks always end up back on the list. -Erik-
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f42935a605082404505a82799d>