nanog mailing list archives
RE: BGP hijack from 23724 -> 4134 China?
From: Warren Bailey <wbailey () gci com>
Date: Fri, 9 Apr 2010 11:31:18 -0800
Are we to believe that filtering .cn will filter all Chinese attacks? I know that if I was up to no good in China, I'd buy a cheap VSAT connection, tld's are probably not a good way to identify bad guys. My two cents.. //warren -----Original Message----- From: Jeroen van Aart [mailto:jeroen () mompl net] Sent: Friday, April 09, 2010 11:14 AM To: nanog () nanog org Subject: Re: BGP hijack from 23724 -> 4134 China? Rich Kulawiec wrote:
See ipdeny.com for allocations covering about 225 countries. Alternatively, please see http://www.okean.com/asianspamblocks.html for lists that cover China and Korea only. The former is furnished in CIDR; the latter in CIDR, Apache htaccess, Cisco ACL, and Linux iptables.
Thanks, the iptables list comes in quite handy. People may wish to block port 22 as well as port 25. Although something like fail2ban takes care of that nicely. Greetings, Jeroen
Current thread:
- Re: BGP hijack from 23724 -> 4134 China?, (continued)
- Re: BGP hijack from 23724 -> 4134 China? Benjamin BILLON (Apr 09)
- Re: BGP hijack from 23724 -> 4134 China? Jeroen van Aart (Apr 09)
- Re: BGP hijack from 23724 -> 4134 China? Benjamin Billon (Apr 09)
- Re: BGP hijack from 23724 -> 4134 China? Jeroen van Aart (Apr 09)
- Re: BGP hijack from 23724 -> 4134 China? Benjamin Billon (Apr 09)
- Re: BGP hijack from 23724 -> 4134 China? Jim Burwell (Apr 09)
- Re: BGP hijack from 23724 -> 4134 China? Patrick Giagnocavo (Apr 09)
- Re: BGP hijack from 23724 -> 4134 China? Jeroen van Aart (Apr 09)
- Re: BGP hijack from 23724 -> 4134 China? Rich Kulawiec (Apr 09)
- Re: BGP hijack from 23724 -> 4134 China? Jeroen van Aart (Apr 09)
- RE: BGP hijack from 23724 -> 4134 China? Warren Bailey (Apr 09)
- RE: BGP hijack from 23724 -> 4134 China? Jim Templin (Apr 09)
- Re: BGP hijack from 23724 -> 4134 China? Suresh Ramasubramanian (Apr 08)