Is it possible for you to share that filter list you have for china? im getting bogged down by those ssh-bruts as well coming in from china.
-B On Thu, Apr 8, 2010 at 2:36 PM, Brielle Bruns <br...@2mbit.com> wrote: > On 4/8/10 2:23 PM, Jay Hennigan wrote: >> >> We just got Cyclops alerts showing several of our prefixes sourced from >> AS23474 propagating through AS4134. Anyone else? >> >> aut-num: AS23724 >> as-name: CHINANET-IDC-BJ-AP >> descr: IDC, China Telecommunications Corporation >> country: CN >> >> aut-num: AS4134 >> as-name: CHINANET-BACKBONE >> descr: No.31,Jin-rong Street >> descr: Beijing >> descr: 100032 >> country: CN >> >> -- >> Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net >> Impulse Internet Service - http://www.impulse.net/ >> Your local telephone and internet company - 805 884-6323 - WB6RDV >> > > I'm starting to wonder if someone is 'testing the waters' in China to see > what they can get away with. I hate to be like this, but there's a reason > why I have all of China filtered on my routers. > > Amazing how much SSH hammering, spam, and other nastiness went away within > minutes of the filtering going in place. > > There comes a point where 'accidental' and 'isolated incident' become "we no > care" and "spam not illegal". And no, i'm not quoting that to mock, but > rather repeat exactly what admins in China send to me in response to abuse > reports and blocking in the AHBL. > > -- > Brielle Bruns > The Summit Open Source Development Group > http://www.sosdg.org / http://www.ahbl.org > > -- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments
