Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 25 Apr 2001 08:04:38 -0400 (EDT)
From:      Michael S Scheidell <scheidell@Cerintha.com>
To:        freebsd-security@freebsd.org
Subject:   Re: Re[2]: Connection attempts
Message-ID:  <200104251204.f3PC4cw22343@caerulus.cerintha.com>
In-Reply-To: <7432.010421@kechara.net>
References:  <Pine.BSF.4.21.0104231526270.27876-100000@w2xo.int> <7432.010421@kechara.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
>
> You should see my intrusion database... 93% from Korea, Taiwan and
> the likes. The rest from interesting places such as Hungaria. There
> is never any response from ISPs. Solution a) grin and bare it (is
> that really a solution though?). Solution b) actively firewall
> connections from these places (blanket bans are never a great idea
> though.)

mynetwatchman has contacts in koera. there is a 'cert' web site there (i
forget link) but hehas contacts at kornet and they host many of the
schools (where ths systems are mostly located)

 >
> Solution c) anyone?

firewall china at least.
kills spam and if you use stealth mode, harasses spammers all in one step.

#china:
    $fwcmd add deny ip from 61.128.0.0/16 to any in via $oif
    $fwcmd add deny ip from 202.96.0.0/16 to any in via $oif
    $fwcmd add deny ip from 202.107.0.0/16 to any in via $oif
    $fwcmd add deny ip from 211.96.0.0/21 to any in via $oif
    $fwcmd add deny ip from 211.88.0.0/21 to any in via $oif
    $fwcmd add deny ip from 210.72.0.0/22 to any in via $oif
    $fwcmd add deny ip from 159.226.0.0/16 to any in via $oif
    $fwcmd add deny ip from 61.128.0.0/18 to any in via $oif
    $fwcmd add deny ip from 202.64.0.0/18 to any in via $oif
    $fwcmd add deny ip from 210.14.192.0/18 to any in via $oif
    $fwcmd add deny ip from 203.93.0.0/16 to any in via $oif
    $fwcmd add deny ip from 166.111.0.0/15 to any in via $oif
#HK:
#    203.168.128.0 - 203.168.159.255
    $fwcmd add deny ip from 203.168.128.0/17 to any in via $oif



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104251204.f3PC4cw22343>