Probes and testers

buddhaBananas installed a new kernel in linux, I rebooted, loaded up my basic firewall of essentially chinese and amazon ranges (my blog). Checked the connectivity and did my normal stuff.

All of sudden i was being tested and probed.  600 hosts later [385 overnight] my firewall had 244 items in.  Nobody got in.  It was a small attack but it validates my reasoning for blocking the ranges i do block.

examples include

141.212.122.0/24  University of Michigan College of Engineering (UMCE)

The countries where varied usa,ru, eu area, korea, iran, and japan and the odd part of china and hong kong i have yet to see evidence worth me blocking there cidr’s (a range of addresses).  I have records and who knows when i next sort my list on who else joins them,however still no north korea the bogey man of us choice, south korea was also non existent .

Eventually they stopped.

by golly but...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s