An Extra Layer of Automated Network Protection
Around 1% of the source IPs that access our network make up more than 50% of penetration, hacking, and exploitation attempts. We automatically block these bad IPs to help protect our clients.
- IPs on this blocklist have hit our hundreds of honeypot IPs across 3 geographical locations.
- Our honeypots make up around 1% of our ASN.
- We prioritize protecting against attacks on 21/22/23/25/3389.
- Incero Shield is not a replacement for a customer managed firewall.
- Stats have a sample rate of 1:100, abuse attempts from an IP may be up to 100x larger than detailed below.
- We will only consider removal requests from our own clients in a support ticket, not from the ASN of the bad IP.
- We do not email reports to the bad IP owners as the massive abuse should be extremely obvious to the ASN owner already.
- ASN CSVs are available for ASN owners to monitor up to once per hour e.g. https://portal2.incero.com/publicaccess/shield/asn-12389.txt (example 1) (example 2) (example 3)
|IP||Attacks on 21/22/23/25/3389||Attacks on Any Port||IPs Attacked on 21/22/23/25/3389||IPs Attacked on Any Port||ASN||Net Info|
|18.104.22.168||1304||1505||11||11||23650||23650 | CN | apnic | 2003-02-14 | CHINANET-JS-AS-AP AS Number for CHINANET jiangsu province backbone, CN|