I null route those IPs that stand out above the background noise at our edge. Seems to work relatively well so far.
I do have a request for Roland. Would you mind sharing more details on what you've seen regarding the various miscreants screwing with each others' devices? On Tue, Mar 17, 2015 at 11:18 PM, Colin Johnston <[email protected]> wrote: > use block firewall country flags, use strict packet compliance checking, dont > bother with abuse email comms as is ignored, mentioned to trade missions but > ignored > > colin > > Sent from my iPhone > >> On 17 Mar 2015, at 02:06, Terrance Devor <[email protected]> wrote: >> >> Hello Everyone, >> >> I really hope this is not against group policy etc.. however our network is >> being hit >> hard by a China IP for the past 6 months. Our systems our up to date, >> passwordless >> ssh etc.. but they're DOS attempts are getting more and more aggressive. >> Tried to >> contact their phone number to no success (not valid). Emails don't get any >> response. >> The IP is 218.77.79.43. Do we have any options? >> >> Terrance -- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
