Re: Think that China is reading here to.

From: anders (andersajja_at_hotmail.com)
Date: 04/08/05


Date: Fri, 08 Apr 2005 08:01:02 GMT


"Moe Trin" <ibuprofin@painkiller.example.tld> skrev i meddelandet
news:slrnd5b52r.3lr.ibuprofin@compton.phx.az.us...
> In article <5%65e.21559$d5.158210@newsb.telia.net>, anders wrote:
>>
>>"Moe Trin" <ibuprofin@painkiller.example.tld> skrev i meddelandet
>>news:slrnd58fu8.uuu.ibuprofin@compton.phx.az.us...
>>> In article <UAR4e.21495$d5.157913@newsb.telia.net>, anders wrote:
>>>
>>>>Think that China is reading here to.
>>Becuse my firewall whas overrun by call's mostley att the 1026/1027
>>gate's,
>
> UDP or TCP?

61.172.249.200 was trying UDP

>>but there was onley this 61.172.249.200 that I counted for about 25
>>time's
>>and the other was only trying a couple time's and on different gate's.
>>There was even this attemt to install msql- worms and some overflow
>>attemts.
>>
>>> Why would you think that?
>
> I'm sorry, but I misunderstood your meaning. Actually I don't think
> that many people who are producing or running mal-ware really read this
> group that much.
>
>>> Well, that's great, but that's 18 addresses. You'd be abusing the
>>> whois server if you went step by step like that.
>
>>I will never abuse any whois or arpanet servers.
>
> Again, I misunderstood your meaning. In the history of blocklisting,
> things started out by blocking specific hosts that were being abusive.
> As more hosts from the same area of address space, people decided to try
> to block all space from an entity (a company, or ISP. or similar). As
> the problem got larger, some people have decided to block whole countries
> or even regions of the world.
>
> This is not an easy task, because address blocks were not assigned with
> this thought - looking at the block from 202.0.0.0 to 202.255.255.255, I
> see there are 2976 assignments to 45 different countries from the Western
> side of the Indian Ocean to Hawaii. There really is no pattern to the
> assignments. Also, many domain names do not reflect the country or region
> where they come from. There are literally thousands of companies with a
> .com
> domain in China or Chile or Belarus or Belize. Also as many have noticed,
> not all network administrators follow the rules that _require_ reverse
> DNS (IP to name) tables.
>
>>> [compton ~]$ grep -h CN IP.ADDR/stats/* | cut -d' ' -f2 | cut -d'.' -f1
>>> |
>>> sort | uniq -c | column
>
>>Sorry but this is like throwing pearl at a pig.
>
> First read as "throwing Perl at a pig" (Perl is called the "Swiss Army
> Chainsaw" of scripting languages). Actually, this is an example of the
> way Unix tools are used - each tool can do one task very well, but you
> can chain commands together to do what appear to be very complicated
> tasks.
> Perl is another tool that would also do the job, and is available in the
> Windows or Macintosh environment.

Yes I now that, but I do believe that you understand that it was not the
script-language I was thinking of in the first place.

>>I have find this book "Learning GNU/LINUX" by Linus Walleij who mybe can
>>get
>>me over the next hill.
>
> When you look at the hill, it seems VERY steep. Just take one step at a
> time,
> and you will reach the top of the hill. I have a number of years
> experience,
> and the reason I show the commands like above is so that people can see
> how it is done.

But like the child, I now there is something on the table, but I canīt get
it yet.

>>My knowledge is a bit poor but I am reding a lot here and on other
>>newsgroups, I have done this for almost a year now.
>
> Knowing how (or even why) to ask a whois server shows that you are
> learning
> well. Please continue. This is good!
>
> Old guy

Thankīs this is meaning a lot to me.
Andersajja