On 3/3/21 6:16 AM, Togan Muftuoglu wrote:
"JK" == James Knott
writes: JK> On 2021-03-02 11:36 p.m., David C. Rankin wrote:
Would have never gotten it... iptables is your friend:
-A INPUT -s 61.0.0.0/8 -j DROP
JK> My firewall is pfsense and I have blocked the entire 61.0.0.0 /8 network.
Maybe better to use geoip based filtering and block the whole China, unless you have something to do.
I keep track of the top 50 offending IP blocks from which my servers have to block malicious intrusion attempts. While over-inclusive, I haven't suffered a successful intrusions since 2013 (MediaWiki was breached back then -- mess). Here are the current reports ( Server 1: (up 9 days) 1 5019 240K 51.0.0.0/8 2 2270 120K 185.0.0.0/8 3 1350 66256 5.0.0.0/8 4 1327 56164 217.0.0.0/8 5 1179 47160 131.161.0.0/16 6 1090 63412 194.0.0.0/8 7 908 65624 81.0.0.0/8 8 860 46500 89.0.0.0/8 9 718 31600 116.0.0.0/8 10 687 33044 78.0.0.0/8 11 611 30052 93.0.0.0/8 12 610 33576 103.0.0.0/8 13 573 26952 91.0.0.0/8 14 572 24380 95.0.0.0/8 15 561 27532 195.0.0.0/8 16 545 22808 45.128.0.0/11 17 544 30796 88.0.0.0/8 18 540 23652 2.0.0.0/8 19 483 23648 188.0.0.0/8 20 475 20192 120.0.0.0/8 21 460 22132 92.0.0.0/8 22 459 26428 77.0.0.0/8 23 424 16960 139.162.0.0/16 24 399 21912 80.0.0.0/8 25 385 18892 79.0.0.0/8 26 346 19972 58.0.0.0/8 27 330 18736 87.0.0.0/8 28 315 16744 94.0.0.0/8 29 314 15784 37.0.0.0/8 30 271 11953 203.0.0.0/8 31 260 13140 178.0.0.0/8 32 254 13428 114.0.0.0/8 33 242 11008 220.0.0.0/8 34 234 13420 85.0.0.0/8 35 230 13744 111.0.0.0/8 36 223 10984 82.0.0.0/8 37 218 8744 49.0.0.0/8 38 199 11072 109.0.0.0/8 39 194 11144 31.0.0.0/8 40 184 9444 212.0.0.0/8 41 183 8912 121.0.0.0/8 42 179 9503 193.0.0.0/8 43 179 10496 83.0.0.0/8 44 169 7940 46.0.0.0/8 45 168 9356 176.0.0.0/8 46 167 9232 62.0.0.0/8 47 165 8500 86.0.0.0/8 48 161 9236 84.0.0.0/8 49 150 10750 151.0.0.0/8 50 144 6860 1.0.0.0/8 Server 2: (up 3 days) 1 1122 61028 185.0.0.0/8 2 741 101K 203.0.0.0/8 3 683 40220 37.0.0.0/8 4 567 38300 103.0.0.0/8 5 507 25992 5.0.0.0/8 6 477 24796 123.0.0.0/8 7 366 21840 51.0.0.0/8 8 281 16540 46.0.0.0/8 9 248 12712 178.0.0.0/8 10 212 17152 193.0.0.0/8 11 188 14136 111.0.0.0/8 12 187 10060 125.0.0.0/8 13 159 8268 176.0.0.0/8 14 150 8940 93.0.0.0/8 15 122 6395 221.0.0.0/8 16 113 7515 196.0.0.0/8 17 112 6220 62.0.0.0/8 18 105 6300 116.0.0.0/8 19 100 5072 89.0.0.0/8 20 99 5520 91.0.0.0/8 21 80 4752 188.0.0.0/8 22 67 3420 81.0.0.0/8 23 61 3660 182.0.0.0/8 24 56 3360 154.0.0.0/8 25 55 3292 77.0.0.0/8 26 54 2808 114.0.0.0/8 27 48 2844 85.0.0.0/8 28 47 2444 84.0.0.0/8 29 46 2600 101.0.0.0/8 30 43 2580 42.0.0.0/8 31 37 2204 212.0.0.0/8 32 36 2160 207.245.103.0/24 33 35 2373 202.0.0.0/8 34 29 1468 87.0.0.0/8 35 24 1248 78.0.0.0/8 36 23 1380 144.76.0.0/16 37 22 1304 180.0.0.0/8 38 21 1260 27.0.0.0/8 39 18 896 217.0.0.0/8 40 17 908 194.0.0.0/8 41 17 848 222.0.0.0/8 42 16 960 49.0.0.0/8 43 16 904 83.0.0.0/8 44 14 784 151.0.0.0/8 45 13 807 195.0.0.0/8 46 13 732 82.0.0.0/8 47 13 716 118.0.0.0/8 48 12 720 79.0.0.0/8 49 10 504 61.0.0.0/8 50 10 468 121.0.0.0/8 -- David C. Rankin, J.D.,P.E.