An Extra Layer of Automated Network Protection
Around 1% of the source IPs that access our network make up more than 50% of penetration, hacking, and exploitation attempts. We automatically block these bad IPs to help protect our clients.
- IPs on this blocklist have hit our hundreds of honeypot IPs across 3 geographical locations.
- Our honeypots make up around 1% of our ASN.
- We prioritize protecting against attacks on 21/22/23/25/3389.
- Incero Shield is not a replacement for a customer managed firewall.
- Stats have a sample rate of 1:100, abuse attempts from an IP may be up to 100x larger than detailed below.
- We will only consider removal requests from our own clients in a support ticket, not from the ASN of the bad IP.
- We do not email reports to the bad IP owners as the massive abuse should be extremely obvious to the ASN owner already.
- ASN CSVs are available for ASN owners to monitor up to once per hour e.g. https://portal2.incero.com/publicaccess/shield/asn-12389.txt (example 1) (example 2) (example 3)
| IP | Attacks on 21/22/23/25/3389 | Attacks on Any Port | IPs Attacked on 21/22/23/25/3389 | IPs Attacked on Any Port | ASN | Net Info |
|---|---|---|---|---|---|---|
| 45.224.212.4 | 1304 | 1505 | 11 | 11 | 23650 | 23650 | CN | apnic | 2003-02-14 | CHINANET-JS-AS-AP AS Number for CHINANET jiangsu province backbone, CN |
