I blocked China and Korea off my machine yesterday around lunch time. After 24 hours of these rules in place I have blocked 3500 packets already, thats shocking!
I scripted it all to block these countries and also to block a number of other things like proxy scanners from irc networks, windows networking ports etc. I simply drop the rules into a set using ipfw and move the temp set over the old set to activate the new rules, works a charm and enables me to rebuild the blocking rules regularly without disrupting my other rules.
Now I wonder what these 3500 packets were, so I might enable logging and do some stats on the stuff.
Hi,
We are experiencing the same problem with chinese and korean ppl - we are running a voice over ip service, and they managed to steal several paypal accounts , resulting in over 6000USD of fraudulent purchase - for the past 3 days we've been battling to blacklist IP addresses 1by1. But as they operate overnight, by the time we block the user, it's already too late .
Could you please kindly explain how to block china and korea in ipfw ?
Thanks in advance for your help.
AB