我が家のインターネットメールの入り口が騒がしいので、メール用のポートにどこから不正アクセスが多いか調べてみた(アジアと北米を除く)
やり方は単純FreeBSDサーバーにブロックごとにIPFWでLOGを取って解析してみてどこからが多いか見た
(1位はC国、2位はUS、3位はK国 というのは不動。今回はAPNICとARIN管轄を除いてみた)
結果:アジアと北米以外ではヨーロッパからが多い(GBやDE,RU等)
ipfw denied packets:
+08920 599 35055 deny log ip from 2.0.0.0/8 to any
+08921 933 51176 deny log ip from 5.0.0.0/8 to any
+08923 464 26698 deny log ip from 31.0.0.0/8 to any
+08924 677 40268 deny log ip from 37.0.0.0/8 to any
+08925 449 24912 deny log ip from 41.0.0.0/8 to any
+08926 467 23538 deny log ip from 46.0.0.0/8 to any
+08927 1008 60569 deny log ip from 51.0.0.0/8 to any
+08929 44 2321 deny log ip from 57.0.0.0/8 to any
+08930 426 20387 deny log ip from 62.0.0.0/8 to any
+08931 1242 59361 deny log ip from 77.0.0.0/8 to any
+08932 10969 468495 deny log ip from 78.0.0.0/7 to any
+08934 372604 22181270 deny log ip from 80.0.0.0/4 to any
+08950 708 37364 deny log ip from 102.0.0.0/8 to any
+08951 433 22525 deny log ip from 105.0.0.0/8 to any
+08952 14518 594478 deny log ip from 109.0.0.0/8 to any
+08953 2307 341557 deny log ip from 141.0.0.0/8 to any
+08954 57 3378 deny log ip from 145.0.0.0/8 to any
+08955 10461 627660 deny log ip from 150.5.128.0/17 to any
+08956 157 9802 deny log ip from 151.0.0.0/8 to any
+08957 603 35781 deny log ip from 154.0.0.0/8 to any
+08958 5731 290405 deny log ip from 176.0.0.0/6 to any
+08962 984 51460 deny log ip from 181.0.0.0/8 to any
+08963 10464 676398 deny log ip from 185.0.0.0/8 to any
+08964 1048 61602 deny log ip from 186.0.0.0/7 to any
+08966 2892 153280 deny log ip from 188.0.0.0/6 to any
+08970 10429 577159 deny log ip from 193.0.0.0/8 to any
+08971 5335 278607 deny log ip from 194.0.0.0/7 to any
+08973 1528 77511 deny log ip from 196.0.0.0/7 to any
+08975 2362 144452 deny log ip from 199.0.0.0/8 to any
+08976 974 52485 deny log ip from 200.0.0.0/7 to any
+08978 1839 96057 deny log ip from 212.0.0.0/7 to any
+08980 14430 758485 deny log ip from 217.0.0.0/8 to any
