North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Need BOGIES list

  • From: O'Neil,Kevin
  • Date: Wed Jul 06 15:19:16 2005

I went to http://www.iana.org/assignments/ipv4-address-space and grep-ed
for APNIC (Asia-Pacific Network Information Center) to get the following
list.  For the church email site that I support I block wholesale /8 IP
address ranges.  I assume that for our church we will never get email
from an APNIC site.
 
058/8   Apr 04   APNIC                               (whois.apnic.net)
059/8   Apr 04   APNIC                               (whois.apnic.net)
060/8   Apr 03   APNIC                               (whois.apnic.net)
061/8   Apr 97   APNIC                               (whois.apnic.net)
124/8   Jan 05   APNIC                               (whois.apnic.net)
125/8   Jan 05   APNIC                               (whois.apnic.net)
126/8   Jan 05   APNIC                               (whois.apnic.net)
202/8   May 93   APNIC                               (whois.apnic.net)
203/8   May 93   APNIC                               (whois.apnic.net)
210/8   Jun 96   APNIC                               (whois.apnic.net)
211/8   Jun 96   APNIC                               (whois.apnic.net)
218/8   Dec 00   APNIC                               (whois.apnic.net)
219/8   Sep 01   APNIC                               (whois.apnic.net)
220/8   Dec 01   APNIC                               (whois.apnic.net)
221/8   Jul 02   APNIC                               (whois.apnic.net)
222/8   Feb 03   APNIC                               (whois.apnic.net)

Here is my procmail recipe if that helps:

:0 H
* ^Received:.*\[(58\.|59\.|60\.|61\.|\
124\.|125\.|126\.|\
202\.|203\.|\
210\.|211\.|\
218\.|219\.|\
220\.|221\.|222\.)
{
 /dev/null
}

...Kevin O'Neil
 

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of
Geoff White
Sent: Wednesday, July 06, 2005 2:50 PM
To: [email protected]
Subject: Need BOGIES list


Hello All.
I'm having trouble with Cracking Attempts  and DoS attacks from a lot of

places in China :)
My client doesn't do any business in that region so they don't mind If I

block the entire sub-continent :)
Does anyone have a bad-guy list (or part of one) that I can use to get 
started?
I'm using pf under OpenBSD 3.7 as a firewall box.
E-mailing me off line is fine


geoffw