nanog mailing list archives
Re: Getting hit hard by CHINANET
From: Anthony Kosednar <anthony.kosednar () gmail com>
Date: Tue, 17 Mar 2015 18:51:24 -0700
Hello Terrance, I've seen this IP several times in our threat logs.It is a known threat and has even been called out by Norse ( http://www.norse-corp.com/blog-thursday-140828.html). I recommend blocking the ip at the edge of your network. If it becomes more of a problem, ask one of your upstream providers to block him you upstream of you as well. They shouldn't hesitate as it is clearly labeled a known threat. Thanks, - Anthony On Mon, Mar 16, 2015 at 7:06 PM, Terrance Devor <ter.devor () gmail com> wrote:
Hello Everyone, I really hope this is not against group policy etc.. however our network is being hit hard by a China IP for the past 6 months. Our systems our up to date, passwordless ssh etc.. but they're DOS attempts are getting more and more aggressive. Tried to contact their phone number to no success (not valid). Emails don't get any response. The IP is 218.77.79.43. Do we have any options? Terrance
Current thread:
- Re: Getting hit hard by CHINANET, (continued)
- Re: Getting hit hard by CHINANET Colin Johnston (Mar 23)
- Re: Getting hit hard by CHINANET Ca By (Mar 23)
- Re: Getting hit hard by CHINANET Justin M. Streiner (Mar 23)
- Re: Getting hit hard by CHINANET Ca By (Mar 23)
- Re: Getting hit hard by CHINANET Paul S. (Mar 23)
- Re: Getting hit hard by CHINANET Colin Johnston (Mar 18)
- Re: Getting hit hard by CHINANET Mike Hale (Mar 17)
- Re: Getting hit hard by CHINANET Roland Dobbins (Mar 18)