[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Attacking from an IP Range

Subject: Re: [cobalt-users] Attacking from an IP Range
From: flash22@xxxxxxx
Date: Wed Mar 21 02:35:07 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

On Wed, 21 Mar 2001, Ian C. Walmsley wrote:

> Hi,
> 
> Portsentry is currently reporting repeated attacks from IP's in the range
> 192.168.20.0 to 192.168.20.255 - I am sure that this is not a usual IP
> address range.

It's in the reserved range for local use...

> 
> Any idea how I can track this IP down, and is it possible to block an entire
> range with an '*'- or is it even wise to do that?

packet sniffer ;)

If you want to just blackhole it

route add -net 192.168.0.0 netmask 255.255.0.0 reject

(Make sure you aren't uing it yurself somewhere ;)

gsh

Follow-Ups:
- Re: [cobalt-users] Attacking from an IP Range
  - From: jramer
- Re: [cobalt-users] Attacking from an IP Range
  - From: Peter Low

References:
- [cobalt-users] Attacking from an IP Range
  - From: Ian C. Walmsley

Prev by Date: [cobalt-users] Samba(Raq4) and NT LAN: Can't see the Raq in Neighborhood.
Next by Date: [cobalt-users] Frontpage extentions problem
Previous by thread: RE: [cobalt-users] Attacking from an IP Range
Next by thread: Re: [cobalt-users] Attacking from an IP Range

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index