What is the ip range of EC2
- by Nicolas Kassis
I'd like to setup a rule to block ssh request from EC2 since I've been seeing a large amount of ssh based attack from there and was wondering if anyone knew what their IP ranges are.
EDIT:
Thank you for the answer, I went ahead and implemented the iptables rules as follow. I ignore all traffic for the moment. Logging it just to see if the rules are working and for stats on how much crap EC2 is sending out ;)
#EC2 Blacklist
$IPTBLS -A INPUT -s 67.202.0.0/18 -j LOG --log-prefix "<firewall> EC2 traffic "
$IPTBLS -A INPUT -s 67.202.0.0/18 -j DROP
$IPTBLS -A INPUT -s 72.44.32.0/19 -j LOG --log-prefix "<firewall> EC2 traffic "
$IPTBLS -A INPUT -s 72.44.32.0/19 -j DROP
$IPTBLS -A INPUT -s 75.101.128.0/17 -j LOG --log-prefix "<firewall> EC2 traffic
"
$IPTBLS -A INPUT -s 75.101.128.0/17 -j DROP
$IPTBLS -A INPUT -s 174.129.0.0/16 -j LOG --log-prefix "<firewall> EC2 traffic "
$IPTBLS -A INPUT -s 174.129.0.0/16 -j DROP
$IPTBLS -A INPUT -s 204.236.192.0/18 -j LOG --log-prefix "<firewall> EC2 traffic
"
$IPTBLS -A INPUT -s 204.236.192.0/18 -j DROP
$IPTBLS -A INPUT -s 204.236.224.0/19 -j LOG --log-prefix "<firewall> EC2 traffic
"
$IPTBLS -A INPUT -s 204.236.224.0/19 -j DROP
$IPTBLS -A INPUT -s 79.125.0.0/17 -j LOG --log-prefix "<firewall> EC2 traffic "
$IPTBLS -A INPUT -s 79.125.0.0/17 -j DROP