Block lots of ip ranges
-
Hello,
I was wondering if there was an easy way to block large sets of IP ranges? I wanted to block all of APNIC from accessing any of the machines behind my network on port SSH. I found a few lists and was wondering if there was an easy way to implement this from them?
http://www.completewhois.com/bogons/data/bogons-netrange-apnic_main.txt
http://www.completewhois.com/bogons/data/bogons-cidr-apnic_main.txt
http://www.completewhois.com/bogons/data/bogons-netmask-apnic_main.txt
http://www.completewhois.com/bogons/data/bogons-dd-apnic_main.txt
Thanks
-
Did you ever think about setting the max connections per xx seconds in the advanced area on the firewall rule page? This is what I have done. Have mine set for 3 connections per 240 seconds. That way hackers only get 9 attempts (3 attempts for 3 connections) before they are blocked for 4 min. At this point they think they're banned and don't bother to try again.
-
At Interfaces/WAN turn on
Block bogon networks
When set, this option blocks traffic from IP addresses that are reserved (but not RFC 1918) or not yet assigned by IANA.
Bogons are prefixes that should never appear in the Internet routing table, and obviously should not appear as the source address in any packets you receive.
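
One way to turn lists like those linked in the question into a single merged CIDR list that a firewall alias or table can import, as an added example that is not part of the thread. The line formats handled (start - end range, CIDR, address plus netmask) are assumed from the file names, and the sample data is constructed.

```python
import ipaddress
import re

# Constructed sample input (documentation prefixes), not data from the linked lists.
SAMPLE = """\
# constructed sample
192.0.2.0 - 192.0.2.255
198.51.100.0/25
198.51.100.128 255.255.255.128
203.0.113.16 - 203.0.113.47
not an address
"""

def parse_entry(line):
    """Return the IPv4 networks described by one list line, or [] if unparseable."""
    line = line.split("#", 1)[0].strip()
    if not line:
        return []
    try:
        m = re.fullmatch(r"(\S+)\s*-\s*(\S+)", line)
        if m:  # "start - end": may need several CIDR blocks to cover exactly
            first = ipaddress.IPv4Address(m.group(1))
            last = ipaddress.IPv4Address(m.group(2))
            return list(ipaddress.summarize_address_range(first, last))
        # "addr mask" becomes "addr/mask"; plain CIDR passes through unchanged
        return [ipaddress.IPv4Network("/".join(line.split()), strict=True)]
    except ValueError:
        return []

def to_cidrs(text):
    """Return (merged CIDR strings, rejected lines) for a whole list."""
    nets, rejected = [], []
    for raw in text.splitlines():
        parsed = parse_entry(raw)
        if parsed:
            nets.extend(parsed)
        elif raw.split("#", 1)[0].strip():
            # Report lines that were skipped: a dropped line is a range left unblocked.
            rejected.append(raw.strip())
    # collapse_addresses merges adjacent and overlapping blocks and sorts the result
    return [str(n) for n in ipaddress.collapse_addresses(nets)], rejected

if __name__ == "__main__":
    cidrs, bad = to_cidrs(SAMPLE)
    print("\n".join(cidrs))
    for line in bad:
        print("rejected:", line)
```

The merged output is one network per line, which keeps the rule table small; review any rejected lines before importing.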