On Sun, 9 Aug 2020, David C. Rankin wrote:
WAIT!!!!!
I know what it is!!!
# iptables -nvL --line-numbers
Chain INPUT (policy ACCEPT 3651K packets, 548M bytes)
num   pkts bytes target     prot opt in     out     source               destination
11    3074  182K DROP       all  --  *      *       37.0.0.0/8           0.0.0.0/0
Why on earth is the IP from RIPE? The IP for mail.trinitydesktop.net is 37.205.10.16. The 37 IP block is the top 3 offending block. 182K of script-kiddie attempts since last boot alone.
Be careful about blindly blocking /8 CIDRs that way.
My US-based web host/VPS host bought a /23 block about a year ago from within the RIPE 45.8.0.0/13 allocation.
I've seen a couple of issues such as yours with my VPS.
(Blocking with pf here....)
Jonesy
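
Added example, not part of either poster's message: a check that reads `iptables -nvL --line-numbers` output and reports any DROP/REJECT rule whose source CIDR also covers a host that must stay reachable, which is the failure discussed in this thread. The sample listing is constructed from the rule quoted above (rule 12 is invented filler), the function names are hypothetical, and the check looks only at source networks, ignoring rule order, protocol and port matches.

```python
import ipaddress

# Constructed sample: the rule quoted in the thread, laid out as iptables prints it.
SAMPLE = """\
Chain INPUT (policy ACCEPT 3651K packets, 548M bytes)
num   pkts bytes target     prot opt in     out     source               destination
11    3074  182K DROP       all  --  *      *       37.0.0.0/8           0.0.0.0/0
12       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
"""

# Hosts that must stay reachable; the address is the one given in the thread.
MUST_REACH = {"mail.trinitydesktop.net": "37.205.10.16"}

BLOCK_TARGETS = {"DROP", "REJECT"}


def blocking_rules(listing):
    """Yield (chain, rule_number, source_network) for each DROP/REJECT rule."""
    chain = None
    for line in listing.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "Chain":
            chain = fields[1]
            continue
        # Rule rows: num pkts bytes target prot opt in out source destination
        if len(fields) < 10 or not fields[0].isdigit():
            continue
        if fields[3] not in BLOCK_TARGETS or fields[8].startswith("!"):
            continue  # not a blocking rule, or a negated source match
        try:
            yield chain, int(fields[0]), ipaddress.ip_network(fields[8], strict=False)
        except ValueError:
            continue  # source column is not a CIDR


def collateral(listing, hosts):
    """Return (chain, rule_number, cidr, hostname) for every needed host a block covers."""
    hits = []
    for chain, num, net in blocking_rules(listing):
        if net.prefixlen == 0:
            continue  # assumption: a catch-all rule is policy, not a source block
        for name, addr in hosts.items():
            if ipaddress.ip_address(addr) in net:
                hits.append((chain, num, str(net), name))
    return hits


if __name__ == "__main__":
    for hit in collateral(SAMPLE, MUST_REACH):
        print("rule %s/%d (%s) also blocks %s" % hit)
```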