[178960] in North American Network Operators' Group
Re: Getting hit hard by CHINANET
daemon@ATHENA.MIT.EDU (Mike Hale)
Wed Mar 18 02:25:17 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <2B69FA7C-F792-4F8A-9BDC-8938577E4BF7@gt86car.org.uk>
Date: Tue, 17 Mar 2015 23:24:07 -0700
From: Mike Hale <eyeronic.design@gmail.com>
To: Colin Johnston <colinj@gt86car.org.uk>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
I null route those IPs that stand out above the background noise at
our edge. Seems to work relatively well so far.
I do have a request for Roland. Would you mind sharing more details
on what you've seen regarding the various miscreants screwing with
each others' devices?
On Tue, Mar 17, 2015 at 11:18 PM, Colin Johnston <colinj@gt86car.org.uk> wrote:
> use block firewall country flags, use strict packet compliance checking, dont bother with abuse email comms as is ignored, mentioned to trade missions but ignored
>
> colin
>
> Sent from my iPhone
>
>> On 17 Mar 2015, at 02:06, Terrance Devor <ter.devor@gmail.com> wrote:
>>
>> Hello Everyone,
>>
>> I really hope this is not against group policy etc.. however our network is
>> being hit
>> hard by a China IP for the past 6 months. Our systems our up to date,
>> passwordless
>> ssh etc.. but they're DOS attempts are getting more and more aggressive.
>> Tried to
>> contact their phone number to no success (not valid). Emails don't get any
>> response.
>> The IP is 218.77.79.43. Do we have any options?
>>
>> Terrance
--
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
