Web lists-archives.com

Re: Legacy niggle ...




September 4 2018 9:45 PM, "Jonesy via php-general" <php-general@xxxxxxxxxxxxx> wrote:
> On Fri, 31 Aug 2018 22:44:39 +0100, Lester Caine wrote:
> 
>> And now to screw the sod on 139.199.103.154 who is trying to hack the
>> MySQL server!
> 
> inetnum: 139.199.0.0 - 139.199.255.255
> netname: TencentCloud
> descr: Tencent cloud computing (Beijing) Co., Ltd.
> 
> /etc/hosts.allow;
> 
> ALL : 139.199. : deny
> 
> Jonesy

sudo iptables -A INPUT -s 139.199.0.0/16 -d <destination ip or interface> -j DROP

works as a reverse denial of service.  they open a socket.  your system silently drops the connection. the calling system will open a ton of sockets waiting for acks to its syn packets and will get crickets.

--Curtis