[82068] in North American Network Operators' Group
RE: Need BOGIES list
daemon@ATHENA.MIT.EDU (O'Neil,Kevin)
Fri Jul 8 15:44:12 2005
Date: Wed, 6 Jul 2005 15:14:45 -0400
From: "O'Neil,Kevin" <oneil@oclc.org>
To: "Geoff White" <geoffw@cybertribe.com>
Cc: <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
I went to http://www.iana.org/assignments/ipv4-address-space and grep-ed
for APNIC (Asia-Pacific Network Information Center) to get the following
list. For the church email site that I support I block wholesale /8 IP
address ranges. I assume that for our church we will never get email
from an APNIC site.
=20
058/8 Apr 04 APNIC (whois.apnic.net)
059/8 Apr 04 APNIC (whois.apnic.net)
060/8 Apr 03 APNIC (whois.apnic.net)
061/8 Apr 97 APNIC (whois.apnic.net)
124/8 Jan 05 APNIC (whois.apnic.net)
125/8 Jan 05 APNIC (whois.apnic.net)
126/8 Jan 05 APNIC (whois.apnic.net)
202/8 May 93 APNIC (whois.apnic.net)
203/8 May 93 APNIC (whois.apnic.net)
210/8 Jun 96 APNIC (whois.apnic.net)
211/8 Jun 96 APNIC (whois.apnic.net)
218/8 Dec 00 APNIC (whois.apnic.net)
219/8 Sep 01 APNIC (whois.apnic.net)
220/8 Dec 01 APNIC (whois.apnic.net)
221/8 Jul 02 APNIC (whois.apnic.net)
222/8 Feb 03 APNIC (whois.apnic.net)
Here is my procmail recipe if that helps:
:0 H
* ^Received:.*\[(58\.|59\.|60\.|61\.|\
124\.|125\.|126\.|\
202\.|203\.|\
210\.|211\.|\
218\.|219\.|\
220\.|221\.|222\.)
{
/dev/null
}
...Kevin O'Neil
=20
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
Geoff White
Sent: Wednesday, July 06, 2005 2:50 PM
To: nanog@merit.edu
Subject: Need BOGIES list
Hello All.
I'm having trouble with Cracking Attempts and DoS attacks from a lot of
places in China :)
My client doesn't do any business in that region so they don't mind If I
block the entire sub-continent :)
Does anyone have a bad-guy list (or part of one) that I can use to get=20
started?
I'm using pf under OpenBSD 3.7 as a firewall box.
E-mailing me off line is fine
geoffw
