nanog mailing list archives

RE: Need BOGIES list

From: "O'Neil,Kevin" <oneil () oclc org>
Date: Wed, 6 Jul 2005 15:14:45 -0400



I went to http://www.iana.org/assignments/ipv4-address-space and grep-ed
for APNIC (Asia-Pacific Network Information Center) to get the following
list.  For the church email site that I support I block wholesale /8 IP
address ranges.  I assume that for our church we will never get email
from an APNIC site.
 
058/8   Apr 04   APNIC                               (whois.apnic.net)
059/8   Apr 04   APNIC                               (whois.apnic.net)
060/8   Apr 03   APNIC                               (whois.apnic.net)
061/8   Apr 97   APNIC                               (whois.apnic.net)
124/8   Jan 05   APNIC                               (whois.apnic.net)
125/8   Jan 05   APNIC                               (whois.apnic.net)
126/8   Jan 05   APNIC                               (whois.apnic.net)
202/8   May 93   APNIC                               (whois.apnic.net)
203/8   May 93   APNIC                               (whois.apnic.net)
210/8   Jun 96   APNIC                               (whois.apnic.net)
211/8   Jun 96   APNIC                               (whois.apnic.net)
218/8   Dec 00   APNIC                               (whois.apnic.net)
219/8   Sep 01   APNIC                               (whois.apnic.net)
220/8   Dec 01   APNIC                               (whois.apnic.net)
221/8   Jul 02   APNIC                               (whois.apnic.net)
222/8   Feb 03   APNIC                               (whois.apnic.net)

Here is my procmail recipe if that helps:

:0 H
* ^Received:.*\[(58\.|59\.|60\.|61\.|\
124\.|125\.|126\.|\
202\.|203\.|\
210\.|211\.|\
218\.|219\.|\
220\.|221\.|222\.)
{
 /dev/null
}

...Kevin O'Neil
 

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of
Geoff White
Sent: Wednesday, July 06, 2005 2:50 PM
To: nanog () merit edu
Subject: Need BOGIES list


Hello All.
I'm having trouble with Cracking Attempts  and DoS attacks from a lot of

places in China :)
My client doesn't do any business in that region so they don't mind If I

block the entire sub-continent :)
Does anyone have a bad-guy list (or part of one) that I can use to get 
started?
I'm using pf under OpenBSD 3.7 as a firewall box.
E-mailing me off line is fine


geoffw

Current thread:

Need BOGIES list Geoff White (Jul 06)
- Re: Need BOGIES list trainier (Jul 06)
- Re: Need BOGIES list Jon Lewis (Jul 06)
- Re: Need BOGIES list Mark Owen (Jul 06)
- Someone at Sprint security please contact me. Chip Mefford (Jul 12)
- <Possible follow-ups>
- Re: Need BOGIES list william(at)elan.net (Jul 06)
- RE: Need BOGIES list O'Neil,Kevin (Jul 06)
  - RE: Need BOGIES list Mark Foster (Jul 06)
    - RE: Need BOGIES list Mark Foster (Jul 06)