[Nottingham] NTL ip address ranges
Martin
martin at ml1.co.uk
Sun Oct 19 14:22:38 BST 2003
Still stuck for time so a quick very effective fix is this for the
blacklist:
81.96.0.0/12 icmp 8
81.96.0.0/12 tcp 53,139,445,1026,1214,2439
81.96.0.0/12 udp 1434
I'm still getting hit by spasmodically increased MS-Worm stuff, but at
least it isn't swamping my logs. The above rules have chopped off all
but a few (<10) of the drop reports, down from a few thousand per day.
(And note that http isn't clobbered...)
Looks like NTL need to try to educated a few more of their customers.
Martin wrote:
> Paul Sladen wrote:
[...]
>>
>> Hmmm. Are you wanting me to unleash my scathe for ICMP-droppers, too?
>
>
> Go on then! When I'm not running any web visible servers, nor playing
> p2p, nor any other web visible stuff, why have ping enabled for the
> MS-Worms to get all enthusiastic about me?
>
?
[...]
>> HTH, HAND,
>
> OK, I'm definitely being too dim to decode those TLA & ETLA gooks.
?
Cheers,
Martin
--
----------------
Martin Lomas
martin at ml1.co.uk
----------------
More information about the Nottingham
mailing list