I null route those IPs that stand out above the background noise at our edge. Seems to work relatively well so far. I do have a request for Roland. Would you mind sharing more details on what you've seen regarding the various miscreants screwing with each others' devices? On Tue, Mar 17, 2015 at 11:18 PM, Colin Johnston <colinj@gt86car.org.uk> wrote:
use block firewall country flags, use strict packet compliance checking, dont bother with abuse email comms as is ignored, mentioned to trade missions but ignored
colin
Sent from my iPhone
On 17 Mar 2015, at 02:06, Terrance Devor <ter.devor@gmail.com> wrote:
Hello Everyone,
I really hope this is not against group policy etc.. however our network is being hit hard by a China IP for the past 6 months. Our systems our up to date, passwordless ssh etc.. but they're DOS attempts are getting more and more aggressive. Tried to contact their phone number to no success (not valid). Emails don't get any response. The IP is 218.77.79.43. Do we have any options?
Terrance
-- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0