On Wed, 6 Jul 2005, Geoff White wrote:
Hello All. I'm having trouble with Cracking Attempts and DoS attacks from a lot of places in China :) My client doesn't do any business in that region so they don't mind If I block the entire sub-continent :) Does anyone have a bad-guy list (or part of one) that I can use to get started? I'm using pf under OpenBSD 3.7 as a firewall box.
IP blocks allocated to organizations in various countries (updated daily): http://www.completewhois.com/statistics/data/ips-bycountry/rirstats/ Configuring firewall (openbsd way on the buttom, replace bogon example with appropriate other list you want): http://www.completewhois.com/bogons/using_bogon_lists.htm#firewall_examples CIDR -> firewall scripts for some systems (not needed for openbsd which accepts cidr ip block list directly with ph): http://www.completewhois.com/bogons/data/scripts/ P.S. Still looking for somebody to document and if necessary provide scripts on how to do it with netbsd, aix, hpux. Volunteers? (and I'll do solaris myself if I ever get around to it...) -- William Leibzon Elan Networks william@elan.net