I finally got a list from the cable guy. He says the SMC 3000 series, the Cisco
3825, Netgear 3000, basically all DOCSIS 3.0 with routers built it.
From: Paul Stewart
Sent: Tuesday, May 12, 2015 6:33 AM
To: af@afmug.com
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrot
f Of Michael Gawlowski
Sent: Wednesday, May 13, 2015 12:01 PM
To: af@afmug.com
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
I now have a FW script from Butch Evans that fixes this problem. It takes any
ftp, telnet or ssh attempt on the router and blocks the source IP for
85040
(602)-426-0542
Triadwireless.net
From: Af [mailto:af-boun...@afmug.com] On Behalf Of Paul Stewart
Sent: Monday, May 11, 2015 12:02 PM
To: af@afmug.com
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
Why block at all? I know it’s a loaded question but I always
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
I'll get the info tomorrow and get back to you. It is mostly Cisco and SMC.
Might be related to the DNS rebind hack.
When I set the edge to drop invalid packets the problems got better. We've
watched some UDP
modems in question while they were having connection problems.
- Original Message -
From: Paul Stewart
To: af@afmug.com
Sent: Monday, May 11, 2015 8:04 PM
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
What make if you don’t mind me asking? Any de
Glen Waldrop
Sent: Monday, May 11, 2015 8:45 PM
To: af@afmug.com
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
They only have one public IP per customer.
The dummie cable modems have an internal IP and pass the public through to the
customer. These are wireless route
.
- Original Message -
From: Mike Hammett
To: af@afmug.com
Sent: Monday, May 11, 2015 4:21 PM
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
One public IP per customer...
-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
ubject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
The cable modems have an internal address, but they get the ones with routers
built in. Those have a public IP.
I keep telling him that we could NAT 90% of his customers and cut this problem
down as well as free up a
Stewart
To: af@afmug.com
Sent: Monday, May 11, 2015 4:12 PM
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
Usually management for cable modems is on a private network that isn’t
Internet accessible…. Sounds strange….
From: Af [mailto:af-boun...@afmu
Usually management for cable modems is on a private network that isn’t Internet
accessible…. Sounds strange….
From: Af [mailto:af-boun...@afmug.com] On Behalf Of Glen Waldrop
Sent: Monday, May 11, 2015 5:08 PM
To: af@afmug.com
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in
router if they managed to
successfully hack it.
We've got Cisco and SMC scratching their heads on this.
- Original Message -
From: Paul Stewart
To: af@afmug.com
Sent: Monday, May 11, 2015 2:02 PM
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
Why
: af@afmug.com <mailto:af@afmug.com>
Sent: Monday, May 11, 2015 11:14 AM
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
So it sounds like the original poster (Glen I believe it is) is looking to
protect equipment that is not his? Why not just firewall acces
with fail2ban or other tools …
Just some thoughts..
Paul
From: Af [mailto:af-boun...@afmug.com] On Behalf Of David Milholen
Sent: Monday, May 11, 2015 7:53 AM
To: af@afmug.com
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
I have a perl script
..
Paul
From: Af [mailto:af-boun...@afmug.com] On Behalf Of David Milholen
Sent: Monday, May 11, 2015 7:53 AM
To: af@afmug.com
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
I have a perl script that watches are bind logs for Denied queries and places
those ips in a
isn't ours.
- Original Message -
*From:* Sean Heskett <mailto:af...@zirkel.us>
*To:* af@afmug.com <mailto:af@afmug.com>
*Sent:* Friday, May 08, 2015 3:33 PM
*Subject:* Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
Plus whenever the
From: Sean Heskett
To: af@afmug.com
Sent: Friday, May 08, 2015 3:33 PM
Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
Plus whenever the net neutrality rules kick in it'll be illegal.
Shouldn't be necessary if you have your firewalls setup correctl
dn’t pull up websites,
> companies/business customers couldn’t conduct business etc etc….
>
>
>
> Just a thought J
>
>
>
> Paul
>
>
>
>
>
> *From:* Af [mailto:af-boun...@afmug.com
> ] *On Behalf Of *Michael
> Gawlowski
> *Sent:* Friday, May 8, 2015 3:25
ay 8, 2015 3:25 PM
To: af@afmug.com
Subject: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
I have a blocklist of IP's and CIDR ranges that I would like to add in my
mikrotik 1100's and 2011's. Two questions:
1) What is the best way to add these without doin
sage -
> From: "Michael Gawlowski"
> To: af@afmug.com
> Sent: Friday, May 8, 2015 3:25:07 PM
> Subject: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik
> I have a blocklist of IP’s and CIDR ranges that I would like to add in my
> mikrotik 1100’s and 2011
I have a blocklist of IP's and CIDR ranges that I would like to add in my
mikrotik 1100's and 2011's. Two questions:
1) What is the best way to add these without doing one address or subnet
at a time?
2) Will there be a significant impact on router performance from adding so
many r
20 matches
Mail list logo
