RE: Banging on the firewall

Mon, 05 Feb 2001 05:55:06 -0800 

yes...  I ha(d)ve the same problem... most went away with the following
lines in rc.firewall:
######### 
# To be blunt, most of my recent network attacks are coming from 
# APNIC (esp. Korea)... 
# 
# I'm sick of their crap, as most refuse to do anything about it.... 
# For now, I'm just gonna block the entire 210.127 subnet & see if 
# anyone complains (I have my doubts) 
$IPCHAINS -A input -l -s 210.127.0.0/16 -d $EXTERNAL_NET -j DENY 
echo -n "." 
$IPCHAINS -A input -l -s 211.171.0.0/16 -d $EXTERNAL_NET -j DENY 
echo -n "." 
echo "Done!" 
# 


> -----Original Message-----
> From: Drew Hunt [SMTP:[EMAIL PROTECTED]]
> Sent: Saturday, February 03, 2001 2:27 PM
> To:   RedHat general mailling list
> Subject:      Banging on the firewall
> 
> These idiots at Korea Network Information Center and KORNET have been
> banging at my non-existant BIND server all morning.  This is not the first
> time they've buzzed my firewall and previous emails to admins have gone
> unheeded.  Anyone have any suggestions on how to deal with these jerks?
> 
> Feb  3 07:01:13 tenchi kernel: Packet log: input DENY eth0 PROTO=17
> 211.54.136.220:1024 24.221.123.186:53 L=58 S=0x00 I=3151 F=0x0000 T=44
> (#81)
> Feb  3 07:01:22 tenchi kernel: Packet log: input DENY eth0 PROTO=17
> 211.54.136.220:1024 24.221.123.186:53 L=58 S=0x00 I=3562 F=0x0000 T=44
> (#81)
> Feb  3 07:01:32 tenchi kernel: Packet log: input DENY eth0 PROTO=17
> 211.54.136.220:1024 24.221.123.186:53 L=58 S=0x00 I=3784 F=0x0000 T=44
> (#81)
> Feb  3 07:01:39 tenchi kernel: Packet log: input DENY eth0 PROTO=17
> 168.126.63.3:60293 24.221.123.186:53 L=58 S=0x00 I=60012 F=0x4000 T=239
> (#81)
> Feb  3 07:01:43 tenchi kernel: Packet log: input DENY eth0 PROTO=17
> 168.126.63.6:65155 24.221.123.186:53 L=58 S=0x00 I=18221 F=0x4000 T=239
> (#81)
> -------snip---------
> Feb  3 12:23:32 tenchi kernel: Packet log: input DENY eth0 PROTO=17
> 168.126.63.7:45427 24.221.123.186:53 L=58 S=0x00 I=5811 F=0x4000 T=239
> (#82)
> Feb  3 12:23:39 tenchi kernel: Packet log: input DENY eth0 PROTO=17
> 211.54.136.220:1024 24.221.123.186:53 L=58 S=0x00 I=65082 F=0x0000 T=44
> (#82)
> Feb  3 12:23:57 tenchi kernel: Packet log: input DENY eth0 PROTO=17
> 168.126.63.4:50156 24.221.123.186:53 L=58 S=0x00 I=59913 F=0x4000 T=239
> (#82)
> 
> 
> Any suggestions welcome!
> 
> Drew
> 
> 
> 
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to