←back to thread

The internet is no longer a safe haven

(brainbaking.com)
253 points akyuu | 4 comments | 16 Nov 25 13:12 UTC | HN request time: 0.201s | source
Show context
qwertox ◴[16 Nov 25 15:43 UTC] No.45945900[source]
Since I moved my DNS records to Cloudflare (that is: nameserver is now the one from Cloudflare), I get tons of odd connections, most notably SYN packets to eihter 443 or 22, which never respond back after the SYN-ACK. They ping me once a second in average, distributing the IPs over a /24 network.

I really don't understand why they do this, and it's mostly some shady origins, like vps game server hoster from Brazil and so on.

I'm at the point where i capture all the traffic and looks for SYN packets, check the RDAP records for them to decide if I then drop the entire subnets of that organization, whitelisting things like Google.

Digital Ocean is notoriously a source of bad traffic, they just don't care at all.

replies(3): >>45946146 #>>45946726 #>>45947542 #
1. ranger_danger ◴[16 Nov 25 19:10 UTC] No.45947542[source]
> Digital Ocean is notoriously a source of bad traffic, they just don't care at all.

Why should it be an ISP's job to police what their users can and can't do? I really don't think you want service providers to start moderating things.

Does your electricity company ban the use of red light bulbs? Would everyone be ok with such restrictions?

replies(2): >>45947720 #>>45948038 #
2. selectodude ◴[16 Nov 25 19:32 UTC] No.45947720[source]
No but your electricity company will absolutely rat you out if your electricity usage skyrockets and the police will pop by to see if you’re running a grow op or something.
replies(2): >>45948826 #>>45949411 #
3. esseph ◴[16 Nov 25 22:02 UTC] No.45948826[source]
Not anymore (depending on the state, and not since LED grow lights).
4. ranger_danger ◴[16 Nov 25 23:27 UTC] No.45949411[source]
This is why I don't open the door for anyone. If the police really want in, they won't be using the doorbell anyways.