Portscans/PROXY scans

• Previous message (by thread): Portscans/PROXY scans
• Next message (by thread): Portscans/PROXY scans
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 1 Nov 2003 John_York at Dell.com wrote:
> We're seeing an incredible amount of port- and proxy-scans from 211.0.0.0/8,
> and 0 legitimate packets from the same range. I'm thinking about blocking
> the entire /8, as noone on our network needs any contact with Asia (I belive
> those addresses are all in Asia - correct me if I'm wrong). Has anyone here
> blocked 211.? Any unexpected results when doing so?

Unexpected?  It depends on what you expect the results to be.

I have acted as a diplomat de jure negotating resumption of traffic
between people blocking these network ranges and organizations in Japan in
the past.  In addition to Japan, the 211 netblock is assigned to
organizations in other Asia Pacific countries.

Its your network (or maybe your employer's network) to do whatever you
choose.  You may want to consider blocking smaller ranges than the
entire /8.

• Previous message (by thread): Portscans/PROXY scans
• Next message (by thread): Portscans/PROXY scans
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]