Menu
What's new
By:
Filters Better Search

Skynet 185.200.118.0/24 ban range - OpenVPN server intrusion attempts

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

kernol

kernol

Very Senior Member
Just curious ... my openvpn.log includes daily attempts from random ip's within the above range.
Some of the ip's used [like the most recent 185.200.118.83] are in the skynet blacklist - while others are not - so I opted to "ban" the entire range.
Despite being in the skynet blacklist - the ip address mentioned was not blocked by skynet - but the login attempt failed anyway.

Anyone else being hit by the range mentioned?
 
I saw your reports on Abuse IPBD just now , that IP was auto banned by TURRIS a few days ago. I have seen it in the mini pot and honeypot this morning trying multiple credential attacks.

This one 80.243.181.81 needs watching, 223 attempts on SSH in the honey pot so far today.
 
Negative on any of my routers, thanks for pointing it out. :)
 
I had been blocking that range. But moving the OpenVPN server to a non-standard port solves the problem without requiring any scripts. ;)

www.snbforums.com

AC3100 / 380.70 Block incoming IP

I am getting frequent incoming connection attempts to connect to my OVPN server from 185.200.118.0/24 . I do have certificate security setup so it should be fairly secure but I would like to eliminate it completely. I have found several relatively complex posts with scripts to address similar...
www.snbforums.com www.snbforums.com
 
Last edited:
ColinTaylor said:
I had been blocking that range. But moving the OpenVPN server to a non-standard port solves the problem without requiring any scripts. ;)

www.snbforums.com

AC3100 / 380.70 Block incoming IP

I am getting frequent incoming connection attempts to connect to my OVPN server from 185.200.118.0/24 . I do have certificate security setup so it should be fairly secure but I would like to eliminate it completely. I have found several relatively complex posts with scripts to address similar...
www.snbforums.com www.snbforums.com
Click to expand...
Thanks Colin - always best to use non-standard ports I guess ... so thanks for that reminder :cool:.
ISP should action - offender not just port scanning ... definitely trying to intrude :mad:!
 
kernol said:
Just curious ... my openvpn.log includes daily attempts from random ip's within the above range.
Some of the ip's used [like the most recent 185.200.118.83] are in the skynet blacklist - while others are not - so I opted to "ban" the entire range.
Despite being in the skynet blacklist - the ip address mentioned was not blocked by skynet - but the login attempt failed anyway.

Anyone else being hit by the range mentioned?
Click to expand...
Nothing in my logs from that IP or range.

Only one attempt on the port my server is using.
 
kernol said:
Just curious ... my openvpn.log includes daily attempts from random ip's within the above range.
Some of the ip's used [like the most recent 185.200.118.83] are in the skynet blacklist - while others are not - so I opted to "ban" the entire range.
Despite being in the skynet blacklist - the ip address mentioned was not blocked by skynet - but the login attempt failed anyway.

Anyone else being hit by the range mentioned?
Click to expand...
I get some hits to:
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
79 3190 DROP all -- eth0 any no-mans-land.m247.com/24 anywhere
Click to expand...
 
You must log in or register to reply here.

Similar threads

N
Skynet Skynet Autobanning Failed Login Attempts?
Replies
0
Views
578
ninjada
N
Yiannis
Skynet Help me understand Skynet's outbound blocked connection
Replies
6
Views
2K
Yiannis
Yiannis
Pachacouti
  • Locked
Wha-ever is this?
2 3
Replies
45
Views
4K
thiggins
thiggins
ThePooBurner
Is there a script for configuring VLANs?
2
Replies
22
Views
10K
QuietWon
Q
M
How-to for switching to bi-directional router-to-router OpenVPN
Replies
0
Views
4K
maxbraketorque
M

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 835 (members: 26, guests: 809)
Top