Banshaku wrote:
koitsu wrote:
I was worried our firewall rules had blocked off part of Japan (APNIC just got a very large portion of IPv4 space assigned to them recently -- specifically 1.0.0.0/8). Naturally if that happens let me know.
I don't want to step on your employer's toes, so I'll have to recommend that follow their (albeit tough) policies.
For now there is still some holes and I guess they wouldn't see it but I shouldn't push my luck. Our company was bought by that big communication company in japan (you had experience with them before, that company starting with N) and the rules are becoming stricter every day.. At least it still not as worst as the main office.. It strict to the point that I cannot use my own computer at the office, even if it's not connected to the network.. So a remote destkop would be a big no no since it would be a security risk.
Since last november, no more access to the wiki ssh and no more working during lunch time on my hobby. That kind of suck when that was my only time left during the day to work on it.
Yep, said big communications corp. bought out the company I was working at, although overall not much changed -- but that's probably because said big communications corp. (at the time and even now AFAIK) has much larger presence in Japan than it does in the US. They bought us for our IP backbone more than anything.
Banshaku wrote:
You seems to imply that now your firewall rules were relaxed to some IP range in Japan. Maybe I should check if I can connect. Didn't try these days. I will let you know the results.
Edit:
Just tried, no luck. Oh well.
Actually, I was stating that they had become more strict. SSH is open to the world by default, but any time we see brute force attempts from anywhere, we start firewalling off network blocks.
What I was saying was that APNIC (Asia) just managed to get their hands on a very large network block from ARIN -- specifically 1.0.0.0/8 -- so I expect to start seeing more brute force SSH attempts from IPs within that block.
If SSH access doesn't work for you at present (from home or work), the easiest way for me to debug it is to talk to me in real-time. I'm available on MSN/Live, AIM, Yahoo, and ICQ (MSN/Live preferred). All my contact methods are in my profile here on the forum -- add me and we can work in real-time to find out what the IP address or network block is which I need to permit/add an exclusion for. :-)