[c-nsp] IP blocks from Asian RIRs?
Ken A
ka at pacific.net
Fri Nov 30 09:44:45 EST 2007
Noel Butler wrote:
> I doubt your router will cope, there are 2892 ranges in just
> cn,kr,tw.and hk alone.
> Although APNIC is located in Brisbane, Australia, most their staff are,
> well, not aussies :) and are aware many like to block asia, so to make
> it hard I guess they split it up as much as possible in amongst the rest
> of us.
>
>
> On Fri, 2007-11-30 at 03:49, Alex Balashov wrote:
>> Is there a good way to retrieve a list of all IP blocks assigned by APNIC
>> / the Asian RIRs?
>>
>> I am immensely interested in firewalling off all of China, South Korea,
>> and Taiwan from my network entirely. 98% of my port scans and dictionary
>> attempts are coming from networks in that region, and I do not see it
>> as a particularly draconian step as I have absolutely no interest in
>> interacting with them electronically. That whole region of the globe
>> is a DoS / spam / breakin hotbed.
We use iptables on linux webservers to block a couple of them from ports
20-22. You can get the zones from:
rsync://countries-ns.mdc.dk/zone/zz.countries.nerd.dk.rbldnsd
Ken
>>
>> I know this is probably not very practical, but if it's possible somehow
>> I'd be curious to know.
>>
>> --
>> Alex Balashov
>> Evariste Systems
>> Web : http://www.evaristesys.com/
>> Tel : +1-678-954-0670
>> Direct : +1-678-954-0671
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
--
Ken Anderson
Pacific.Net
More information about the cisco-nsp
mailing list