10 Aug
2020
10 Aug
'20
12:13 a.m.
On Sun, 9 Aug 2020, David C. Rankin wrote:
WAIT!!!!!
I know what it is!!!
# iptables -nvL --line-numbers
Chain INPUT (policy ACCEPT 3651K packets, 548M bytes)
num pkts bytes target prot opt in out source
destination
11 3074 182K DROP all -- * * 37.0.0.0/8 0.0.0.0/0
Why on earth is the IP from RIPE? The IP for mail.trinitydesktop.net is
37.205.10.16. The 37 IP block is the top 3 offending block. 182K of
script-kiddie attempts since last boot alone.
Be careful about blindly blocking /8 CIDRs that way.
My US-based web host/VPS host bought a /23 block about
a year ago from in the RIPE 45.8.0.0/13 allocation.
I've seen a couple of issues such as yours with my VPS.
(Blocking with pf here....)
Jonesy
--
Marvin L Jones | Marvin | W3DHJ | linux
Pueblo, Colorado | @ | Jonesy | FreeBSD __
38.238N 104.547W | jonz.net | DM78rf | SK
---------------------------------------------------------------------
To unsubscribe, e-mail: trinity-devel-unsubscribe(a)lists.pearsoncomputing.net
For additional commands, e-mail: trinity-devel-help(a)lists.pearsoncomputing.net
Read list messages on the web archive: http://trinity-devel.pearsoncomputing.net/
Please remember not to top-post:
http://trinity.pearsoncomputing.net/mailing_lists/#top-posting