I guess this is from the A Scanner Darkly Director's Cut

Previously, previously, previously.

Tags: ,

The Great Firehose of China is aimed at me again

Our friends in China took a dump on my server again this morning, despite the ~900 networks I had blocked in iptables.

I updated the list from here but that didn't help.

So I grabbed every IP that hit me this morning with an incorrect "Host:" header, constructed a /24 from that, and blocked that too. That was 3000+ netmasks, and is obviously not the right netmask, but it took the traffic down to a more manageable dull roar.

Has anyone yet worked out a more effective way of coping with this Chinese DNS poisoning?

I'm also really curious about how my IP keeps getting targeted. Are they really just picking a random number and I keep getting lucky, or is there some dickwad in a Chinese ISP smirking as he aims the firehose at me specifically? Is my blog or my bar considered counterrevolutionary?


Tags: , , ,

  • Previously