i got hit a few times from 188.8.131.52
so i do a whois and find out more korea fun.
i then look at my iptables entries for korea.
i have the following:
(root on email@example.com) (/etc/sysconfig)
> iptables -nvL | grep 211 | grep 104
0 0 DROP all -- * * 184.108.40.206/13 0.0.0.0/0
now a 220.127.116.11/13 will kill all up to 18.104.22.168
so 211.108 should easily be in that range.
so HOW did i get any attacks at all?