There are a host of well known (to security folks at the least) nuisance networks. This is a set of simple iptables rules to drop those networks as sources.
For ease of use, you can wget to grab the listing which is in the form:
-A INPUT -s ip-block/mask -j DROP
-A INPUT -s ip-block/mask -j DROP
-A INPUT -s ip-block/mask -j DROP
downloads available at:
Obviously you can sed/awk/perl your way into the final listing that fits your model better. Some other resources on blocking known bad traffic can be found over at:
Note that the list I have isn’t from either of these… but they are great resources none-the-less.
