Quantcast
Viewing all articles
Browse latest Browse all 226371

Hacking attempts?

I would concur, dynamically adding vectors as they come up is one thing, using a cloud sourced blacklist will leverage above and beyond that pedentry, so any large set from a blacklist will benefit by the use of ipset, the voipbl could benefit by using hash:net and looking it up first, a full 45% of that list are from PS (palestine)

5.11.40.0/22       # RIPE    PS PS-ORANGE-PALESTINE                      Orange Palestine Group Co. for Technological Investment Joint Stock Private Company
5.133.24.0/22      # RIPE    PS PS-ULTRANET-20120704                     Ultranet for Communication and Information Technology Ltd
31.186.176.0/22    # RIPE    PS NETWORK2                                 SuperLink ADSL Service 2
31.223.176.0/21    # RIPE    PS CITYNET                                  citynet internet provider
37.75.208.0/22     # RIPE    PS PS-ORANGE-PALESTINE                      Orange Palestine Group Co. for Technological Investment Joint Stock Private Company
37.8.0.0/18        # RIPE    PS HBSAGAZA                                 Hadara Gaza BSA
46.32.208.0/21     # RIPE    PS CallU_ADSL                               Call U Communications Ltd
64.182.127.160/29  # ARIN    PS ASR-IT-REASSIGN-10                       ASR-IT.COM For Web Services
82.102.216.0/21    # RIPE    PS Hadara_BSA_02                            BSA network expansion
82.205.0.0/22      # RIPE    PS GZ-BSA-01                                Hadara BSA 2013 3/4
83.244.0.0/20      # RIPE    PS PALTEL-SFI                               Palestine Telecommunications Company (PALTEL)httpSubscription Free Internet Program "SFI"
85.113.96.0/20     # RIPE    PS HADARA                                   Hadara-RH3
85.114.96.0/21     # RIPE    PS FUSION-SERVICES                          fusion company IP's
104.243.47.8/29    # ARIN    PS NET-104-243-47-8-29                      naeem syam
176.106.40.0/21    # RIPE    PS SPEED-CLICK-LTD                          SpeedClick for Information Technology and Communication Ltd
176.58.64.0/22     # RIPE    PS netstream                                first_assignment
176.67.98.0/23     # RIPE    PS PS-MADA-ALARAB-20110610                  Gaza-Network
185.12.184.0/23    # RIPE    PS CITYNET                                  citynet internet provider
185.19.220.0/23    # RIPE    PS PS-ORANGE-PALESTINE                      Orange Palestine Group Co. for Technological Investment Joint Stock Private Company
185.33.168.0/24    # RIPE    PS PS-DCC-MNT                               DCC-Infrastructure
185.40.194.0/24    # RIPE    PS HBSAexp03                                Hadara BSA 2013 expansion 3/4
185.5.220.0/22     # RIPE    PS PS-SPEEDCLICK-20121005                   SpeedClick for Information Technology and Communication Ltd
185.6.16.0/22      # RIPE    PS PS-NETSTREAM-20121008                    Netstream Technology Joint-Stock Private Ltd.
188.161.0.0/19     # RIPE    PS PALTEL-DSL                               Palestine Telecommunications Company (PALTEL)
212.106.76.192/27  # RIPE    PS RJ-NET                                   Royal Jordanian
213.244.66.0/24    # RIPE    PS PALTEL-GAZA-POP                          Palestine Telecommunications Company (PALTEL)Gaza IP POPGaza, Palestine
217.66.234.0/23    # RIPE    PS FIXED_IP_GAZA                            Fixed IPs for GAZA BSA
217.78.56.0/21     # RIPE    PS INTERPAL-ADSL-POOL                       INTERPAL-ADSL-POOL

the second worst offender is the US but be careful there if you are from the US as you will get all the ATT's/Apple/verizon/comcast nets that you need to process by a "secondary inspection"

But SERIOUSLY, consider only answering to SIP on a port other than 5000-5099, it's a no brainer that will reduce the driveby's by 99.99%. To compute a reasonable port to use

echo $(($RANDOM + 20001 ))


Viewing all articles
Browse latest Browse all 226371

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>