German Traffic?

I read about GeoIP blocking in the Hardening Guide and decided to take a look at the firewall logs and the by-country graph. For January through November, I saw mostly the usual suspects (China, Russia). But so far in December, almost 70% of the hits have come from…Germany! It’s two addresses in particular which have been hitting me up every 30 seconds or so, 24/7. They are targeting a random range of high-number ports (in the 30,000s).

I’m just curious to see if anyone else has noticed similar activity - thanks.


I look up the ip’s, find the relevant abuse@ contact email and send them an email that such and such ip from your network is hitting me every 30 seconds, 24/7. It usually stops after a while.

Looks like some russian companies use german adresses now. and are registered to Comtrade LLC as german addresses. But comtrade is also a russian ISP.

Ah-ha. Yes, I’m being hit by I’ll send an email, for what it’s worth. Thank you!