[HECnet] MONITOR DISK - Meaning of values

[Sampsa Laine]

There's also an automated solution here, but I'm not sure if that will just drop packets destined to my VM host or will it drop all the packets coming in on the interface so that none reach my VMs (I'm running them in bridged mode with real IPs on the same subnet)


http://www.cyberciti.biz/faq/block-entier-country-using-iptables/

On 16 Sep 2015, at 13:07, Brian Schenkenberger, VAXman- <system at TMESIS.COM> wrote:

> Sampsa Laine <sampsa at mac.com> writes:
> 
>> You're probably under a Chinese/Russian robot attack, trying to =
>> brute-force their way in.
>> 
>> I've had this on occasion and am tempted to just drop all packets =
>> originating from China..
> 
> I've gone even further here.  I block all nets that originate APNIC.
> 
> 
> 
>> Not sure what the best way to do this is, I have a pretty simple =
>> consumer level router (Draytek) so I guess I could use iptables or =
>> something on Linux - however I'm not if that'll just affect the host I =
>> run the iptables command on or the whole interface.
>> 
>> Basically, I have one physical interface for 8 virtual machines and a =
>> bunch of SIMH instances etc. If I could drop the packets at the =
>> interface of the host machine it'd be ideal.
>> 
>> Any iptables experts out there?
> 
> I use IPTABLES on one of the Lunix servers I run to add IP addresses which I
> have determined to be those of botnet control systems (generally, systems the
> Chinese et al are using).
> 
> /sbin/iptables -A INPUT -s $IP           -p all -j DROP
> 
> --
> VAXman- A Bored Certified VMS Kernel Mode Hacker    VAXman(at)TMESIS(dot)ORG
> 
> I speak to machines with the voice of humanity.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.sonic.net/pipermail/hecnet-list/attachments/20150916/5e6ba8a5/attachment.sig>