Getting hit hard by CHINANET

Anthony Kosednar anthony.kosednar at
Wed Mar 18 01:51:24 UTC 2015

Hello Terrance,

I've seen this IP several times in our threat logs.It is a known threat and
has even been called out by Norse (

I recommend blocking the ip at the edge of your network. If it becomes more
of a problem, ask one of your upstream providers to block him you upstream
of you as well. They shouldn't hesitate as it is clearly labeled a known



On Mon, Mar 16, 2015 at 7:06 PM, Terrance Devor <ter.devor at> wrote:

> Hello Everyone,
> I really hope this is not against group policy etc.. however our network is
> being hit
> hard by a China IP for the past 6 months. Our systems our up to date,
> passwordless
> ssh etc.. but they're DOS attempts are getting more and more aggressive.
> Tried to
> contact their phone number to no success (not valid). Emails don't get any
> response.
> The IP is Do we have any options?
> Terrance

More information about the NANOG mailing list