Quote History Quoted:
Funny, I read it exactly the opposite - you'v been hacked/infected by the Russians, and your computers are reporting something back... may just be "still part of your DDOS botnet, standing by, Comrade."
Personally I'd like a list of all the Class A networks assigned to Russia and China, so I can just packet drop those bastards. I have no reason to have any network comms with them.
View Quote View All Quotes
View All Quotes
Quote History Quoted:
Quoted:
Quoted:
The way it reads to me someone is using your network to hack Russians you better put stop to that quickly.
I agree.
Funny, I read it exactly the opposite - you'v been hacked/infected by the Russians, and your computers are reporting something back... may just be "still part of your DDOS botnet, standing by, Comrade."
Personally I'd like a list of all the Class A networks assigned to Russia and China, so I can just packet drop those bastards. I have no reason to have any network comms with them.
Well,
here and
here are two places where you can get such lists. They're not perfect, but they are pretty good.
As for blocking China, it's initially tempting to block all of APNIC. But, Japan, Australia, and NZ are part of APNIC, too.
The list can get quite long, so hopefully your firewall has more efficient mechanisms (like Linux's ipsets) than just looking sequentially through ACLs. Null-routing the networks, instead of firewalling, may be an option for you.