16 Sep
2015
16 Sep
'15
2:07 p.m.
Sampsa Laine <sampsa at mac.com> writes:
You're probably under a Chinese/Russian robot
attack, trying to =
brute-force their way in.
I've had this on occasion and am tempted to just drop all packets =
originating from China..
I've gone even further here. I block all nets that originate APNIC.
Not sure what the best way to do this is, I have a
pretty simple =
consumer level router (Draytek) so I guess I could use iptables or =
something on Linux - however I'm not if that'll just affect the host I =
run the iptables command on or the whole interface.
Basically, I have one physical interface for 8 virtual machines and a =
bunch of SIMH instances etc. If I could drop the packets at the =
interface of the host machine it'd be ideal.
Any iptables experts out there?
I use IPTABLES on one of the Lunix servers I run to add IP addresses which I
have determined to be those of botnet control systems (generally, systems the
Chinese et al are using).
/sbin/iptables -A INPUT -s $IP -p all -j DROP
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
I speak to machines with the voice of humanity.