I don't block China and NK, but for the most part, my decision is automatic when I see IP's out of those countries. I kill OUTPUT and INPUT. It might not solve your problem, but it can't hurt. I kill OUTPUT and INPUT on every IP I can with the assumption that if people really have problems I'll notice, and if users have problems, I'll be called. If you see issues from an IP, you don't want to talk to it anymore, ever.
On Sun, Oct 5, 2014 at 6:32 AM, James Rogers <[email protected]> wrote: > I also highly recommend running a whois on the IP's used in the attacks, > and then creating DROP rules for the entire ASIN for your attackers if you > don't have any legit reason for talking to that range. > > I keep whole /8's and /16's in my iptables DROP list. If you can limit the > people you want to talk to, then only talk to those IP's.A small positive > list if often more useful than sections of the rest of the world. > > On Sun, Oct 5, 2014 at 6:19 AM, James Rogers <[email protected]> > wrote: > >> FBI Contact US page: >> >> http://www.fbi.gov/contact-us >> >> And hey, give us IPs for your attackers so that we can block them at our >> routers. >> >> On Sun, Oct 5, 2014 at 6:16 AM, James Rogers <[email protected]> >> wrote: >> >>> >>> ---------- Forwarded message ---------- >>> From: James Rogers <[email protected]> >>> Date: Sun, Oct 5, 2014 at 6:09 AM >>> Subject: Re: Final Solution to Chinese Break in >>> To: Bill Maidment <[email protected]> >>> Cc: Paul Robert Marino <[email protected]>, Nico Kadel-Garcia < >>> [email protected]>, Larry Linder <[email protected]>, " >>> [email protected]" <[email protected]> >>> >>> >>> Interpol is not so much an org as an agreement between LEOs in different >>> countries. Not an LEO so much as a way of sharing information. >>> >>> The FBI, according to presentations they've given, is very interested in >>> crimes in all countries even if they cannot pursue or prosecute. And are >>> more than willing to interdict criminals in any country that allows their >>> shoes on the ground. >>> >>> --James >>> >>> On Sat, Oct 4, 2014 at 9:26 PM, Bill Maidment <[email protected]> wrote: >>> >>>> There used to be an organisation called Interpol to deal with >>>> international crime. I haven't heard anything recent about them; do they >>>> still exist? >>>> >>>> Regards >>>> Bill Maidment >>>> >>>> >>>> -----Original message----- >>>> > From:Paul Robert Marino <[email protected]> >>>> > Sent: Sunday 5th October 2014 9:14 >>>> > To: Nico Kadel-Garcia <[email protected]>; Larry Linder < >>>> [email protected]> >>>> > Cc: [email protected] <[email protected]> >>>> > Subject: Re: Final Solution to Chinese Break in >>>> > >>>> > >>>> > One other problem is the FBI can only investigate criminals operating >>>> within the united states they really can't do any thing if the criminal is >>>> operating out of an other country due to their mandated scope of >>>> enforcement. >>>> > In fact internet crimes are really difficult for any law enforcement >>>> because they are usually international and there for exceed their >>>> jurisdiction. The laws that limit jurisdiction are ment to protect our >>>> rights and prevent any one law enforcement agency from having enough power >>>> to threaten the government; however this makes it nearly impossible for any >>>> one of them to truly investigate internet crimes. What is needed is a new >>>> agency who's jurisdiction is international internet crimes; however that >>>> also presents its own risks because if you think the NSA is bad about >>>> respecting our rights just wait to see what an international agency tasked >>>> with tracking internet crimes would do. >>>> > >>>> > -- Sent from my HP Pre3 >>>> >>> >>> >>> >> >
