The Great Firehose of China is aimed at me again

Our friends in China took a dump on my server again this morning, despite the ~900 networks I had blocked in iptables.

I updated the list from here but that didn't help.

So I grabbed every IP that hit me this morning with an incorrect "Host:" header, constructed a /24 from that, and blocked that too. That was 3000+ netmasks, and is obviously not the right netmask, but it took the traffic down to a more manageable dull roar.

Has anyone yet worked out a more effective way of coping with this Chinese DNS poisoning?

I'm also really curious about how my IP keeps getting targeted. Are they really just picking a random number and I keep getting lucky, or is there some dickwad in a Chinese ISP smirking as he aims the firehose at me specifically? Is my blog or my bar considered counterrevolutionary?
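The wrong-"Host:"-to-/24 step described above can be scripted. This is an added example, not the author's script: the log format, the served hostnames, the set name `wrong_host` and the sample lines are all assumptions. It also merges adjacent /24s into wider prefixes and emits the result as an ipset set instead of thousands of individual iptables rules.

```python
import ipaddress
import re
from collections import Counter

# Assumption: the hostnames this server really serves.
SERVED_HOSTS = {"example.org", "www.example.org"}
# Assumption: log format is  client_ip "Host header" "request line"
LINE_RE = re.compile(r'^(\S+) "([^"]*)" "([^"]*)"$')

# Constructed sample log lines (documentation/benchmark address ranges).
SAMPLE_LOG = """\
203.0.113.7 "www.example.org" "GET / HTTP/1.1"
198.18.0.14 "tracker.example.net" "GET /announce HTTP/1.1"
198.18.0.200 "tracker.example.net" "GET /announce HTTP/1.1"
198.18.1.9 "cdn.example.com" "GET /x.jpg HTTP/1.1"
192.0.2.55 "EXAMPLE.ORG:80" "GET /blog HTTP/1.1"
198.51.100.23 "video.example.net" "GET /v/1 HTTP/1.1"
not a log line
"""

def misdirected_nets(lines, served=SERVED_HOSTS, prefix=24, min_hits=1):
    """Return collapsed IPv4 networks whose requests named a host we don't serve."""
    hits = Counter()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # unparseable line: never block on it
        ip_text, host, _request = m.groups()
        # Normalise case, optional port and trailing dot before comparing.
        if host.lower().split(":")[0].rstrip(".") in served:
            continue
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            continue
        if ip.version != 4:
            continue
        hits[ipaddress.ip_network(f"{ip}/{prefix}", strict=False)] += 1
    nets = [net for net, count in hits.items() if count >= min_hits]
    # Merge adjacent blocks (two neighbouring /24s become one /23, and so on).
    return list(ipaddress.collapse_addresses(nets))

def ipset_restore(nets, name="wrong_host"):
    """Render the networks as input for `ipset restore`."""
    return "\n".join([f"create {name} hash:net"] + [f"add {name} {n}" for n in nets])

if __name__ == "__main__":
    # Matched by one rule: iptables -I INPUT -m set --match-set wrong_host src -j DROP
    print(ipset_restore(misdirected_nets(SAMPLE_LOG.splitlines())))
```

Raising `min_hits` keeps a single stray request from getting a whole /24 blocked.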


