Re: Think that China is reading here to.
From: anders (andersajja_at_hotmail.com)
Date: Fri, 08 Apr 2005 08:01:02 GMT
"Moe Trin" <email@example.com> skrev i meddelandet
> In article <firstname.lastname@example.org>, anders wrote:
>>"Moe Trin" <email@example.com> skrev i meddelandet
>>> In article <UAR4e.firstname.lastname@example.org>, anders wrote:
>>>>Think that China is reading here to.
>>Becuse my firewall whas overrun by call's mostley att the 1026/1027
> UDP or TCP?
184.108.40.206 was trying UDP
>>but there was onley this 220.127.116.11 that I counted for about 25
>>and the other was only trying a couple time's and on different gate's.
>>There was even this attemt to install msql- worms and some overflow
>>> Why would you think that?
> I'm sorry, but I misunderstood your meaning. Actually I don't think
> that many people who are producing or running mal-ware really read this
> group that much.
>>> Well, that's great, but that's 18 addresses. You'd be abusing the
>>> whois server if you went step by step like that.
>>I will never abuse any whois or arpanet servers.
> Again, I misunderstood your meaning. In the history of blocklisting,
> things started out by blocking specific hosts that were being abusive.
> As more hosts from the same area of address space, people decided to try
> to block all space from an entity (a company, or ISP. or similar). As
> the problem got larger, some people have decided to block whole countries
> or even regions of the world.
> This is not an easy task, because address blocks were not assigned with
> this thought - looking at the block from 18.104.22.168 to 22.214.171.124, I
> see there are 2976 assignments to 45 different countries from the Western
> side of the Indian Ocean to Hawaii. There really is no pattern to the
> assignments. Also, many domain names do not reflect the country or region
> where they come from. There are literally thousands of companies with a
> domain in China or Chile or Belarus or Belize. Also as many have noticed,
> not all network administrators follow the rules that _require_ reverse
> DNS (IP to name) tables.
>>> [compton ~]$ grep -h CN IP.ADDR/stats/* | cut -d' ' -f2 | cut -d'.' -f1
>>> sort | uniq -c | column
>>Sorry but this is like throwing pearl at a pig.
> First read as "throwing Perl at a pig" (Perl is called the "Swiss Army
> Chainsaw" of scripting languages). Actually, this is an example of the
> way Unix tools are used - each tool can do one task very well, but you
> can chain commands together to do what appear to be very complicated
> Perl is another tool that would also do the job, and is available in the
> Windows or Macintosh environment.
Yes I now that, but I do believe that you understand that it was not the
script-language I was thinking of in the first place.
>>I have find this book "Learning GNU/LINUX" by Linus Walleij who mybe can
>>me over the next hill.
> When you look at the hill, it seems VERY steep. Just take one step at a
> and you will reach the top of the hill. I have a number of years
> and the reason I show the commands like above is so that people can see
> how it is done.
But like the child, I now there is something on the table, but I canīt get
>>My knowledge is a bit poor but I am reding a lot here and on other
>>newsgroups, I have done this for almost a year now.
> Knowing how (or even why) to ask a whois server shows that you are
> well. Please continue. This is good!
> Old guy
Thankīs this is meaning a lot to me.