[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Getting hit hard by CHINANET

Subject: Getting hit hard by CHINANET
From: anthony.kosednar at gmail.com (Anthony Kosednar)
Date: Tue, 17 Mar 2015 18:51:24 -0700
In-reply-to: <CA+w+2f9vMAgFTTH=KVZANdQjTuRdyNH4yBVV9vhDRqGFFOCB_g@mail.gmail.com>
References: <CA+w+2f9vMAgFTTH=KVZANdQjTuRdyNH4yBVV9vhDRqGFFOCB_g@mail.gmail.com>

Hello Terrance,

I've seen this IP several times in our threat logs.It is a known threat and
has even been called out by Norse (
http://www.norse-corp.com/blog-thursday-140828.html).

I recommend blocking the ip at the edge of your network. If it becomes more
of a problem, ask one of your upstream providers to block him you upstream
of you as well. They shouldn't hesitate as it is clearly labeled a known
threat.

Thanks,

-
Anthony

On Mon, Mar 16, 2015 at 7:06 PM, Terrance Devor <ter.devor at gmail.com> wrote:

> Hello Everyone,
>
> I really hope this is not against group policy etc.. however our network is
> being hit
> hard by a China IP for the past 6 months. Our systems our up to date,
> passwordless
> ssh etc.. but they're DOS attempts are getting more and more aggressive.
> Tried to
> contact their phone number to no success (not valid). Emails don't get any
> response.
> The IP is 218.77.79.43. Do we have any options?
>
> Terrance
>

References:
- Getting hit hard by CHINANET
  - From: ter.devor at gmail.com (Terrance Devor)

Prev by Date: Request for clueful person at Apple's mail operation
Next by Date: Getting hit hard by CHINANET
Previous by thread: Getting hit hard by CHINANET
Next by thread: Getting hit hard by CHINANET
Index(es):
- Date
- Thread