Donovan's block list

Post by Donovan Ready »

This is in iptables format, so massage if necessary.

I get sort of draconian in my implementation: If someone from a country that doesn't speak English attacks, I block the entire subnet. Screw 'em.
Attachment: blocklist.txt (595.43 KiB)
Interesting are some. Diego Garcia, really?

Post by Donovan Ready »

And just for giggles, here's my sites-enabled file for Apache:
Attachment: 000-default.txt (24.68 KiB)

Post by Donovan Ready »

Here's an update for you, and the tale of corruption.

0     0 DROP       tcp  --  *      *       54.38.0.0/16         0.0.0.0/0           tcp /* OVH-Amazon-NSA */ 
It resolves to France, therefore OVH is correct, but Amazon owns almost all the 54.0.0.0 range. It comes up in some searches as Merck, which is bullshit. I don't know when they went tits-up for the spies, but when and if you get a hack attempt resolving to an address in that range, you can damned well make money on the bet that it originated from "somewhere in Northern Virginia".

Simpleminded crap, as usual.

Post by Doug Coulter »

NOVA is CIA (Langley, VA). NSA is Ft Meade, MD, the next state up. I should know, I fixed computers at both places when I worked for DEC. (and other reasons, but I don't work for beltway bandits anymore). Of course, either and both are "anywhere they want to be today".
Posting as just me, not as the forum owner. Everything I say is "in my opinion" and YMMV -- which should go for everyone without saying.

Post by Donovan Ready »

Yep, thanks to Amazon cloud services. You and I know that they can appear to be anywhere, but most of the time they're as stupid as the script-kiddies...

I get hits from military that resolve to the equator and the prime meridian, but that's just sailors. I guess...

Post by Doug Coulter »

Most of them ARE script kiddies with a gov job, that's why - and why guys like Snowden were able to leak the instructions they needed to operate, as it was/is all magic to the average analyst. They'd not have needed directions on how to pour piss out of a boot if they were good, right?

Which is like calling a janitor a sanitary engineer - Titles on business cards are cheap!

I'm beginning to think we can omit the "kiddies" part - maybe some of them are just scripts. Tay, where are you?