BGP hijack from 23724 -> 4134 China?

• Previous message (by thread): BGP hijack from 23724 -> 4134 China?
• Next message (by thread): BGP hijack from 23724 -> 4134 China?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Are we to believe that filtering .cn will filter all Chinese attacks? I know that if I was up to no good in China, I'd buy a cheap VSAT connection, tld's are probably not a good way to identify bad guys.

My two cents..
//warren

-----Original Message-----
From: Jeroen van Aart [mailto:jeroen at mompl.net] 
Sent: Friday, April 09, 2010 11:14 AM
To: nanog at nanog.org
Subject: Re: BGP hijack from 23724 -> 4134 China?

Rich Kulawiec wrote:
> See ipdeny.com for allocations covering about 225 countries. Alternatively,
> please see http://www.okean.com/asianspamblocks.html for lists that cover
> China and Korea only.  The former is furnished in CIDR; the latter in CIDR,
> Apache htaccess, Cisco ACL, and Linux iptables.

Thanks, the iptables list comes in quite handy. People may wish to block 
port 22 as well as port 25. Although something like fail2ban takes care 
of that nicely.

Greetings,
Jeroen

• Previous message (by thread): BGP hijack from 23724 -> 4134 China?
• Next message (by thread): BGP hijack from 23724 -> 4134 China?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]