I say this after probably 48 hours of what I estimate is a sustained 60 kB/s of brute force SIP traffic from 18.104.22.168 being sent my way.
I'd very cheerfully sign up for a service that had all Chinese IP addresses null routed, and provided a proxy server for any HTTP access. I have no business needing direct IP connectivity to China, and I certainly do not want it from China to me.
I was pleasantly surprised to be able to call up Comcast's Business Class technical support tonight and ask them if they could null route the above IP address, and they seemed to imply they could (they opened up a ticket for a level 2 person to do something at least).
Now if only I didn't have to pick up the phone to interact with Comcast's Business Class technical support, it'd be just lovely.
I'm just glad I'm not in Australia where this would be blowing my monthly quota and/or causing me to receive excess usage charges. Bloody UDP. You can firewall it off, but it keeps coming. My initial stopgap Netfilter rule counted 1.5G of traffic before I replaced it with an adaptation of my SSH brute force mitigation rules, and the new rule has seen nearly 5G of traffic now. It's one thing to try to brute force something, but to keep trying after you stop getting responses is just plain stupid.