Illegal access attempt - FreeBSD 5.4 Release - please advise
Hornet
hornetmadness at gmail.com
Wed Aug 24 11:50:26 GMT 2005
On 8/24/05, Michael Dale <mdale at dalegroup.net> wrote:
>
> >Also, most if not all of the blocks below are Asia netblocks that I
> >have had more then 3 attempts to gain access to my servers.
> >
> >220.0.0.0/8
> >202.0.0.0/7
> >134.208.0.0/16
> >218.0.0.0/8
> >210.0.0.0/7
> >221.0.0.0/8
> >219.0.0.0/8
> >195.116.0.0/16
> >59.0.0.0/8
> >195.133.91.0/24
> >222.0.0.0/8
> >
> >
> >
> Not always a good idea. A lot of Australian users have been having
> issues because of people doing this. More info here:
> http://forums.whirlpool.net.au/forum-replies.cfm?t=324246#r2
>
>
You are right, its not a good idea, but when they attempt access I
email the logs and and a nice email (NOT a 3 page complaint followed
by demands and treat of legal recourse (I work at a large ISP so I
know)) I get no where, those ISP's are leave me no other choice.
I should also state that I remove the netblocks from my blackhole list
about every 3 months, but the same blocks always end up back on the
list.
-Erik-
More information about the freebsd-questions
mailing list