drebin893 Posted May 28, 2010 Share Posted May 28, 2010 They don't show up when you're looking for user jobs, who's logged in, etc, but ssh traffic via tcpdump clearly shows that 123.125.127.204 pwned my CentOS 5.4 box. Googled the IP and its known bad and in a few firewall block rules published for helping n00bs avoid known bad hosts. Needed to rebuild that server anyhow .. just sharing. PS I've been hooked on watching the Hak5 podcasts for about 4 months now whenever I'm on a plane. Quote Link to comment Share on other sites More sharing options...
Sparda Posted May 28, 2010 Share Posted May 28, 2010 Not too surprising it's from China. Do you live in China? If not, black list every China IP address. Quote Link to comment Share on other sites More sharing options...
misfitsman805 Posted May 29, 2010 Share Posted May 29, 2010 Not too surprising it's from China. Do you live in China? If not, black list every China IP address. Just curious, How would one go about Blacklisting all IP address's from china or any other country? How would you find them all out? Thanks. Quote Link to comment Share on other sites More sharing options...
Deevd Posted May 29, 2010 Share Posted May 29, 2010 (edited) Just curious, How would one go about Blacklisting all IP address's from china or any other country? How would you find them all out? Thanks. I suppose there is a range of IP adresses just for China... Edited May 29, 2010 by Deevd Quote Link to comment Share on other sites More sharing options...
Sparda Posted May 29, 2010 Share Posted May 29, 2010 http://www.google.co.uk/#q=list+of+china+ip+addresses http://www.netadmintools.com/art216.html block range: iptables -A INPUT -s 192.168.100.0/24 -j DROP Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted May 30, 2010 Share Posted May 30, 2010 Block everything if you can from China and teach them a lesson, no offense but don't like them. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted May 30, 2010 Share Posted May 30, 2010 http://www.reedwilkins.com/blockchina.php Quote Link to comment Share on other sites More sharing options...
manuel Posted May 30, 2010 Share Posted May 30, 2010 127.0.0.1 pwned me. Quote Link to comment Share on other sites More sharing options...
cooper Posted June 3, 2010 Share Posted June 3, 2010 The IP from the topic isn't in the Reed Wilkins list... Quote Link to comment Share on other sites More sharing options...
NetworkPro Posted June 16, 2010 Share Posted June 16, 2010 (edited) Block China? :D But they the best eMule sharerers :) They have good BBS sites in English as well. They have freaking support websites for really major manufacturers as well. They have cheap stuff to easily buy with free shipping too. And chinese pr0n is not bad as well :) From time to time :D hahaha. Block freakin' China LOOOOOL ROFL :) I bet the guy that got pwned haven't updated his puter in years and that he was running services in a way that should not have been run :) That puter could have easily been pwned by a script, via a sheell account, a proxy, a relay, you name it. I have no reason to dislike any country. Take p2p communities for example. There are people from freakin' everywhere that seem to be very good sharerers, have excellent comments and seem generally good people. And about finding out a country's IPs: those are generated by BGP looking glasses. Mostly used for policy routing and bandwidth management. Not for blocking. Edited June 16, 2010 by NetworkPro Quote Link to comment Share on other sites More sharing options...
Jokke Posted June 25, 2010 Share Posted June 25, 2010 Get GeoIP-database up and running ... you can filter any traffic by its' geographical location after that. Not too difficult and quite effective. -Jokke Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.