Probes and testers

buddhaBananas installed a new kernel in linux, I rebooted, loaded up my basic firewall of essentially chinese and amazon ranges (my blog). Checked the connectivity and did my normal stuff.

All of sudden i was being tested and probed.  600 hosts later [385 overnight] my firewall had 244 items in.  Nobody got in.  It was a small attack but it validates my reasoning for blocking the ranges i do block.

examples include  University of Michigan College of Engineering (UMCE)

The countries where varied usa,ru, eu area, korea, iran, and japan and the odd part of china and hong kong i have yet to see evidence worth me blocking there cidr’s (a range of addresses).  I have records and who knows when i next sort my list on who else joins them,however still no north korea the bogey man of us choice, south korea was also non existent .

Eventually they stopped.

by golly but...

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.