of course, but I need to access my freenas box from outside of my LAN....so I tell it to forward traffic for port X (ssh port) to my freenas box. I'm not sure what you're getting at.
this is a fairly common issue per google searches, I was just curious to see what others were doing with freenas to help mitigate the issue.
Ok, so you did configure it... Most of my previous comments were assuming you had not!
Ok... So like I said, I do this also, but I run it on a port way up in the 20k range, and it goes to a locked down VM, not directly to the NAS. When I'm out and about (work, camping, etc...) I have to either add -p <port> or have to edit my ssh_config to use the oddball port. Between that and not allowing password auth, and the hardening in the link I sent earlier, I've been pretty immune. I strongly recommend not connecting to the NAS sshd directly, use a jump VM or a jail, and make use of -L 22:<host>:22 as needed.
Adding in a black list of some sort helps, but it's hard to do without some kind of subscription. The other option here is whitelisting, where you derive some list of address blocks you access the NAS from, and then blacklist everything else. There are 4+ billion addresses in the IPv4 space, so even if you whitelist 100 million of them, you've narrowed your attack surface by 90%+... I like to do stuff like this by ASN number. A great site to do this by is:
https://asn.ipinfo.app/
or it's predecessor site:
https://www.enjen.net/asn-blocklist/index.php
You can determine the ASN for an IP address via:
/usr/bin/whois -h whois.cymru.com $IP |/usr/bin/tail -1 | awk '{ print $1 }'
Then feed that ASN number into the asn-blocklist and get a full map. So, for example, one of the IP addresses attacking you, 130.61.58.126, is AS31898, which is owned by the Oracle Corporation. I'll hazard a guess you're getting attacked from Oracle Cloud... But punch that in and you get a rather large map to block:
Code:
iptables -A INPUT -s 138.1.28.0/22 -j DROP
iptables -A INPUT -s 158.101.0.0/16 -j DROP
iptables -A INPUT -s 192.29.8.0/22 -j DROP
iptables -A INPUT -s 140.91.214.0/23 -j DROP
iptables -A INPUT -s 132.145.88.0/21 -j DROP
iptables -A INPUT -s 132.145.48.0/20 -j DROP
iptables -A INPUT -s 129.146.208.0/21 -j DROP
iptables -A INPUT -s 130.35.148.0/22 -j DROP
iptables -A INPUT -s 140.204.6.0/23 -j DROP
iptables -A INPUT -s 134.70.16.0/23 -j DROP
iptables -A INPUT -s 138.1.128.0/20 -j DROP
iptables -A INPUT -s 129.213.96.0/20 -j DROP
iptables -A INPUT -s 147.154.208.0/21 -j DROP
iptables -A INPUT -s 130.61.0.0/16 -j DROP
iptables -A INPUT -s 130.61.48.0/20 -j DROP
iptables -A INPUT -s 129.146.16.0/23 -j DROP
iptables -A INPUT -s 130.61.112.0/21 -j DROP
iptables -A INPUT -s 138.1.0.0/22 -j DROP
iptables -A INPUT -s 129.146.144.0/20 -j DROP
iptables -A INPUT -s 132.145.176.0/20 -j DROP
iptables -A INPUT -s 129.213.136.0/22 -j DROP
iptables -A INPUT -s 134.70.48.0/23 -j DROP
iptables -A INPUT -s 140.91.34.0/23 -j DROP
iptables -A INPUT -s 130.35.132.0/22 -j DROP
iptables -A INPUT -s 132.145.192.0/21 -j DROP
iptables -A INPUT -s 138.1.224.0/20 -j DROP
iptables -A INPUT -s 129.213.80.0/20 -j DROP
iptables -A INPUT -s 132.145.72.0/21 -j DROP
iptables -A INPUT -s 130.35.180.0/22 -j DROP
iptables -A INPUT -s 130.61.32.0/20 -j DROP
iptables -A INPUT -s 140.204.12.0/23 -j DROP
iptables -A INPUT -s 130.61.7.0/24 -j DROP
iptables -A INPUT -s 130.61.16.0/20 -j DROP
iptables -A INPUT -s 140.204.16.0/23 -j DROP
iptables -A INPUT -s 144.25.40.0/22 -j DROP
iptables -A INPUT -s 129.146.96.0/20 -j DROP
iptables -A INPUT -s 134.70.8.0/23 -j DROP
ip6tables -A INPUT -s 2603:c011:4000::/36 -j DROP
iptables -A INPUT -s 138.1.84.0/22 -j DROP
iptables -A INPUT -s 129.146.48.0/21 -j DROP
iptables -A INPUT -s 144.25.36.0/22 -j DROP
iptables -A INPUT -s 134.70.40.0/23 -j DROP
iptables -A INPUT -s 132.145.128.0/20 -j DROP
iptables -A INPUT -s 130.35.24.0/22 -j DROP
iptables -A INPUT -s 130.61.72.0/21 -j DROP
iptables -A INPUT -s 192.29.36.0/22 -j DROP
iptables -A INPUT -s 129.213.160.0/21 -j DROP
iptables -A INPUT -s 144.25.60.0/22 -j DROP
iptables -A INPUT -s 129.146.28.0/22 -j DROP
iptables -A INPUT -s 138.1.76.0/22 -j DROP
iptables -A INPUT -s 132.145.64.0/23 -j DROP
iptables -A INPUT -s 192.29.32.0/22 -j DROP
iptables -A INPUT -s 140.91.206.0/23 -j DROP
iptables -A INPUT -s 129.213.2.0/23 -j DROP
iptables -A INPUT -s 144.25.44.0/22 -j DROP
iptables -A INPUT -s 130.61.8.0/21 -j DROP
iptables -A INPUT -s 132.145.240.0/21 -j DROP
iptables -A INPUT -s 138.1.208.0/20 -j DROP
iptables -A INPUT -s 132.145.116.0/22 -j DROP
iptables -A INPUT -s 129.213.16.0/20 -j DROP
iptables -A INPUT -s 140.238.168.0/21 -j DROP
iptables -A INPUT -s 144.25.24.0/22 -j DROP
iptables -A INPUT -s 132.145.84.0/22 -j DROP
iptables -A INPUT -s 130.35.64.0/20 -j DROP
iptables -A INPUT -s 144.25.64.0/22 -j DROP
iptables -A INPUT -s 129.146.160.0/22 -j DROP
iptables -A INPUT -s 129.146.0.0/16 -j DROP
iptables -A INPUT -s 130.35.220.0/22 -j DROP
iptables -A INPUT -s 130.61.64.0/21 -j DROP
iptables -A INPUT -s 144.25.16.0/22 -j DROP
iptables -A INPUT -s 129.213.208.0/21 -j DROP
iptables -A INPUT -s 129.213.152.0/21 -j DROP
iptables -A INPUT -s 140.91.32.0/23 -j DROP
iptables -A INPUT -s 129.146.176.0/20 -j DROP
iptables -A INPUT -s 144.25.20.0/22 -j DROP
iptables -A INPUT -s 138.1.100.0/22 -j DROP
iptables -A INPUT -s 147.154.240.0/20 -j DROP
iptables -A INPUT -s 140.91.208.0/23 -j DROP
iptables -A INPUT -s 134.70.26.0/23 -j DROP
iptables -A INPUT -s 138.1.92.0/22 -j DROP
iptables -A INPUT -s 130.61.128.0/17 -j DROP
iptables -A INPUT -s 130.61.104.0/21 -j DROP
iptables -A INPUT -s 132.145.144.0/20 -j DROP
iptables -A INPUT -s 147.154.96.0/20 -j DROP
iptables -A INPUT -s 140.91.40.0/23 -j DROP
iptables -A INPUT -s 129.146.64.0/21 -j DROP
iptables -A INPUT -s 130.35.136.0/22 -j DROP
iptables -A INPUT -s 134.70.84.0/23 -j DROP
iptables -A INPUT -s 138.1.144.0/20 -j DROP
iptables -A INPUT -s 129.213.0.0/23 -j DROP
iptables -A INPUT -s 132.145.200.0/21 -j DROP
iptables -A INPUT -s 140.91.36.0/23 -j DROP
iptables -A INPUT -s 140.204.8.0/23 -j DROP
iptables -A INPUT -s 129.213.176.0/20 -j DROP
iptables -A INPUT -s 134.70.14.0/23 -j DROP
iptables -A INPUT -s 147.154.160.0/20 -j DROP
iptables -A INPUT -s 192.29.16.0/22 -j DROP
iptables -A INPUT -s 130.35.176.0/22 -j DROP
iptables -A INPUT -s 140.204.22.0/23 -j DROP
ip6tables -A INPUT -s 2603:c002:8a00::/40 -j DROP
iptables -A INPUT -s 129.146.56.0/21 -j DROP
iptables -A INPUT -s 130.35.20.0/22 -j DROP
iptables -A INPUT -s 132.145.16.0/20 -j DROP
iptables -A INPUT -s 132.145.68.0/22 -j DROP
iptables -A INPUT -s 130.61.0.0/23 -j DROP
iptables -A INPUT -s 132.145.80.0/22 -j DROP
ip6tables -A INPUT -s 2603:c001:1410::/44 -j DROP
iptables -A INPUT -s 147.154.224.0/20 -j DROP
iptables -A INPUT -s 134.70.78.0/23 -j DROP
iptables -A INPUT -s 132.145.108.0/22 -j DROP
iptables -A INPUT -s 140.91.16.0/23 -j DROP
iptables -A INPUT -s 132.145.224.0/21 -j DROP
iptables -A INPUT -s 132.145.96.0/21 -j DROP
iptables -A INPUT -s 138.1.20.0/22 -j DROP
iptables -A INPUT -s 140.204.24.0/23 -j DROP
iptables -A INPUT -s 134.70.50.0/23 -j DROP
iptables -A INPUT -s 129.146.40.0/22 -j DROP
iptables -A INPUT -s 129.146.18.0/23 -j DROP
iptables -A INPUT -s 129.146.224.0/21 -j DROP
iptables -A INPUT -s 147.154.64.0/21 -j DROP
iptables -A INPUT -s 132.145.112.0/22 -j DROP
iptables -A INPUT -s 140.204.20.0/23 -j DROP
iptables -A INPUT -s 129.213.239.0/24 -j DROP
iptables -A INPUT -s 134.70.64.0/23 -j DROP
iptables -A INPUT -s 129.146.164.0/22 -j DROP
iptables -A INPUT -s 129.146.128.0/20 -j DROP
iptables -A INPUT -s 129.213.0.0/16 -j DROP
iptables -A INPUT -s 138.1.72.0/22 -j DROP
iptables -A INPUT -s 147.154.0.0/20 -j DROP
iptables -A INPUT -s 147.154.176.0/20 -j DROP
iptables -A INPUT -s 138.1.80.0/22 -j DROP
iptables -A INPUT -s 132.145.7.0/24 -j DROP
iptables -A INPUT -s 129.146.14.0/24 -j DROP
iptables -A INPUT -s 138.1.104.0/22 -j DROP
iptables -A INPUT -s 129.146.80.0/21 -j DROP
iptables -A INPUT -s 140.91.200.0/23 -j DROP
iptables -A INPUT -s 130.35.216.0/22 -j DROP
iptables -A INPUT -s 140.91.20.0/23 -j DROP
iptables -A INPUT -s 134.70.74.0/23 -j DROP
iptables -A INPUT -s 130.61.6.0/24 -j DROP
iptables -A INPUT -s 140.91.212.0/23 -j DROP
iptables -A INPUT -s 134.70.24.0/23 -j DROP
iptables -A INPUT -s 129.213.7.0/24 -j DROP
iptables -A INPUT -s 130.35.192.0/22 -j DROP
iptables -A INPUT -s 147.154.144.0/20 -j DROP
iptables -A INPUT -s 129.146.44.0/22 -j DROP
iptables -A INPUT -s 140.238.0.0/20 -j DROP
iptables -A INPUT -s 138.1.12.0/22 -j DROP
iptables -A INPUT -s 140.204.26.0/23 -j DROP
iptables -A INPUT -s 144.25.28.0/22 -j DROP
iptables -A INPUT -s 138.1.96.0/22 -j DROP
iptables -A INPUT -s 140.91.30.0/23 -j DROP
iptables -A INPUT -s 134.70.60.0/23 -j DROP
iptables -A INPUT -s 147.154.200.0/21 -j DROP
iptables -A INPUT -s 129.213.112.0/20 -j DROP
iptables -A INPUT -s 129.146.8.0/23 -j DROP
iptables -A INPUT -s 130.35.80.0/20 -j DROP
iptables -A INPUT -s 129.146.24.0/22 -j DROP
ip6tables -A INPUT -s 2603:c001:1400::/39 -j DROP
iptables -A INPUT -s 129.146.168.0/22 -j DROP
iptables -A INPUT -s 140.204.10.0/23 -j DROP
iptables -A INPUT -s 138.1.16.0/22 -j DROP
iptables -A INPUT -s 144.25.52.0/22 -j DROP
iptables -A INPUT -s 129.146.72.0/21 -j DROP
ip6tables -A INPUT -s 2603:c002:a10::/44 -j DROP
iptables -A INPUT -s 129.146.232.0/21 -j DROP
iptables -A INPUT -s 138.1.64.0/22 -j DROP
iptables -A INPUT -s 192.29.20.0/22 -j DROP
iptables -A INPUT -s 132.145.120.0/21 -j DROP
iptables -A INPUT -s 138.1.240.0/20 -j DROP
iptables -A INPUT -s 147.154.72.0/21 -j DROP
iptables -A INPUT -s 129.213.200.0/21 -j DROP
ip6tables -A INPUT -s 2603:c002:a00::/40 -j DROP
iptables -A INPUT -s 134.70.72.0/23 -j DROP
iptables -A INPUT -s 130.35.28.0/22 -j DROP
iptables -A INPUT -s 129.146.20.0/22 -j DROP
iptables -A INPUT -s 140.204.4.0/23 -j DROP
iptables -A INPUT -s 147.154.48.0/20 -j DROP
iptables -A INPUT -s 129.213.32.0/20 -j DROP
iptables -A INPUT -s 140.91.8.0/23 -j DROP
iptables -A INPUT -s 140.91.6.0/23 -j DROP
iptables -A INPUT -s 140.91.22.0/23 -j DROP
iptables -A INPUT -s 132.145.104.0/22 -j DROP
iptables -A INPUT -s 138.1.160.0/20 -j DROP
iptables -A INPUT -s 132.145.4.0/23 -j DROP
iptables -A INPUT -s 140.91.194.0/23 -j DROP
iptables -A INPUT -s 192.29.56.0/21 -j DROP
iptables -A INPUT -s 132.145.0.0/23 -j DROP
iptables -A INPUT -s 144.25.32.0/22 -j DROP
iptables -A INPUT -s 140.91.38.0/23 -j DROP
iptables -A INPUT -s 130.61.98.0/23 -j DROP
iptables -A INPUT -s 134.70.94.0/23 -j DROP
iptables -A INPUT -s 130.35.208.0/22 -j DROP
iptables -A INPUT -s 144.25.80.0/20 -j DROP
iptables -A INPUT -s 129.146.88.0/21 -j DROP
iptables -A INPUT -s 134.70.98.0/23 -j DROP
iptables -A INPUT -s 134.70.76.0/23 -j DROP
iptables -A INPUT -s 140.91.196.0/23 -j DROP
iptables -A INPUT -s 129.146.36.0/22 -j DROP
iptables -A INPUT -s 138.1.192.0/20 -j DROP
iptables -A INPUT -s 134.70.46.0/23 -j DROP
ip6tables -A INPUT -s 2603:c002:a00::/44 -j DROP
iptables -A INPUT -s 130.35.48.0/20 -j DROP
iptables -A INPUT -s 140.91.24.0/23 -j DROP
iptables -A INPUT -s 192.29.48.0/21 -j DROP
iptables -A INPUT -s 138.1.4.0/22 -j DROP
iptables -A INPUT -s 129.146.32.0/22 -j DROP
iptables -A INPUT -s 129.213.48.0/20 -j DROP
iptables -A INPUT -s 192.29.96.0/20 -j DROP
iptables -A INPUT -s 140.91.14.0/23 -j DROP
iptables -A INPUT -s 140.91.204.0/23 -j DROP
iptables -A INPUT -s 134.70.96.0/23 -j DROP
iptables -A INPUT -s 140.204.18.0/23 -j DROP
iptables -A INPUT -s 129.213.132.0/22 -j DROP
iptables -A INPUT -s 134.70.10.0/23 -j DROP
iptables -A INPUT -s 144.25.68.0/22 -j DROP
iptables -A INPUT -s 129.146.240.0/20 -j DROP
iptables -A INPUT -s 129.146.172.0/22 -j DROP
iptables -A INPUT -s 134.70.90.0/23 -j DROP
iptables -A INPUT -s 132.145.66.0/23 -j DROP
iptables -A INPUT -s 193.122.0.0/15 -j DROP
iptables -A INPUT -s 134.70.88.0/23 -j DROP
iptables -A INPUT -s 129.146.13.0/24 -j DROP
iptables -A INPUT -s 129.213.232.0/24 -j DROP
iptables -A INPUT -s 130.35.140.0/22 -j DROP
iptables -A INPUT -s 130.35.196.0/22 -j DROP
iptables -A INPUT -s 147.154.128.0/20 -j DROP
iptables -A INPUT -s 130.61.120.0/21 -j DROP
iptables -A INPUT -s 129.213.4.0/23 -j DROP
iptables -A INPUT -s 134.70.56.0/23 -j DROP
iptables -A INPUT -s 130.35.96.0/21 -j DROP
iptables -A INPUT -s 130.35.16.0/22 -j DROP
iptables -A INPUT -s 134.70.66.0/23 -j DROP
iptables -A INPUT -s 129.146.216.0/21 -j DROP
iptables -A INPUT -s 129.213.6.0/24 -j DROP
iptables -A INPUT -s 134.70.18.0/23 -j DROP
iptables -A INPUT -s 140.204.14.0/23 -j DROP
ip6tables -A INPUT -s 2603:c002:8a00::/44 -j DROP
iptables -A INPUT -s 130.35.184.0/22 -j DROP
iptables -A INPUT -s 138.1.32.0/21 -j DROP
iptables -A INPUT -s 147.154.80.0/21 -j DROP
iptables -A INPUT -s 130.35.104.0/21 -j DROP
iptables -A INPUT -s 132.145.6.0/24 -j DROP
iptables -A INPUT -s 132.145.8.0/21 -j DROP
iptables -A INPUT -s 168.138.0.0/16 -j DROP
iptables -A INPUT -s 134.70.82.0/23 -j DROP
iptables -A INPUT -s 138.1.48.0/21 -j DROP
iptables -A INPUT -s 130.35.200.0/22 -j DROP
iptables -A INPUT -s 134.70.32.0/23 -j DROP
iptables -A INPUT -s 138.1.24.0/22 -j DROP
iptables -A INPUT -s 192.29.0.0/21 -j DROP
iptables -A INPUT -s 130.35.212.0/22 -j DROP
iptables -A INPUT -s 134.70.80.0/23 -j DROP
iptables -A INPUT -s 134.70.12.0/23 -j DROP
iptables -A INPUT -s 140.91.4.0/23 -j DROP
iptables -A INPUT -s 140.204.0.0/23 -j DROP
iptables -A INPUT -s 129.213.64.0/20 -j DROP
iptables -A INPUT -s 129.213.144.0/21 -j DROP
ip6tables -A INPUT -s 2603:c002:8a10::/44 -j DROP
iptables -A INPUT -s 130.35.112.0/22 -j DROP
iptables -A INPUT -s 140.204.2.0/23 -j DROP
iptables -A INPUT -s 140.238.128.0/20 -j DROP
ip6tables -A INPUT -s 2603:c001:1400::/44 -j DROP
iptables -A INPUT -s 129.213.192.0/21 -j DROP
iptables -A INPUT -s 130.35.144.0/22 -j DROP
iptables -A INPUT -s 152.67.0.0/16 -j DROP
iptables -A INPUT -s 130.35.240.0/20 -j DROP
iptables -A INPUT -s 138.1.40.0/21 -j DROP
iptables -A INPUT -s 134.70.30.0/23 -j DROP
iptables -A INPUT -s 147.154.16.0/20 -j DROP
iptables -A INPUT -s 147.154.192.0/21 -j DROP
iptables -A INPUT -s 130.61.100.0/22 -j DROP
iptables -A INPUT -s 140.91.210.0/23 -j DROP
iptables -A INPUT -s 130.35.0.0/22 -j DROP
iptables -A INPUT -s 132.145.208.0/21 -j DROP
iptables -A INPUT -s 134.70.34.0/23 -j DROP
iptables -A INPUT -s 132.145.248.0/21 -j DROP
iptables -A INPUT -s 129.213.8.0/21 -j DROP
iptables -A INPUT -s 130.35.4.0/22 -j DROP
iptables -A INPUT -s 130.61.88.0/21 -j DROP
iptables -A INPUT -s 140.91.10.0/23 -j DROP
iptables -A INPUT -s 140.238.32.0/20 -j DROP
iptables -A INPUT -s 134.70.28.0/23 -j DROP
iptables -A INPUT -s 132.145.32.0/20 -j DROP
iptables -A INPUT -s 134.70.92.0/23 -j DROP
iptables -A INPUT -s 144.25.56.0/22 -j DROP
iptables -A INPUT -s 132.145.2.0/23 -j DROP
iptables -A INPUT -s 134.70.44.0/23 -j DROP
iptables -A INPUT -s 134.70.62.0/23 -j DROP
iptables -A INPUT -s 132.145.232.0/21 -j DROP
iptables -A INPUT -s 130.35.232.0/21 -j DROP
iptables -A INPUT -s 140.91.12.0/23 -j DROP
iptables -A INPUT -s 144.25.72.0/22 -j DROP
iptables -A INPUT -s 130.61.2.0/23 -j DROP
iptables -A INPUT -s 129.146.4.0/22 -j DROP
ip6tables -A INPUT -s 2603:c000:a00::/40 -j DROP
iptables -A INPUT -s 140.238.64.0/19 -j DROP
iptables -A INPUT -s 130.35.8.0/22 -j DROP
iptables -A INPUT -s 129.146.0.0/22 -j DROP
iptables -A INPUT -s 130.61.4.0/23 -j DROP
iptables -A INPUT -s 140.238.160.0/21 -j DROP
iptables -A INPUT -s 151.104.0.0/16 -j DROP
iptables -A INPUT -s 134.70.86.0/23 -j DROP
iptables -A INPUT -s 138.1.88.0/22 -j DROP
iptables -A INPUT -s 138.1.176.0/20 -j DROP
iptables -A INPUT -s 130.61.80.0/21 -j DROP
iptables -A INPUT -s 130.35.204.0/22 -j DROP
iptables -A INPUT -s 147.154.112.0/20 -j DROP
iptables -A INPUT -s 130.35.188.0/22 -j DROP
iptables -A INPUT -s 140.91.26.0/23 -j DROP
iptables -A INPUT -s 132.145.216.0/21 -j DROP
iptables -A INPUT -s 144.25.48.0/22 -j DROP
iptables -A INPUT -s 129.213.168.0/21 -j DROP
iptables -A INPUT -s 134.70.42.0/23 -j DROP
iptables -A INPUT -s 129.213.128.0/22 -j DROP
iptables -A INPUT -s 138.1.68.0/22 -j DROP
iptables -A INPUT -s 140.91.198.0/23 -j DROP
iptables -A INPUT -s 130.35.12.0/22 -j DROP
iptables -A INPUT -s 134.70.58.0/23 -j DROP
iptables -A INPUT -s 130.35.156.0/22 -j DROP
iptables -A INPUT -s 140.91.202.0/23 -j DROP
iptables -A INPUT -s 129.213.140.0/22 -j DROP
iptables -A INPUT -s 144.25.76.0/22 -j DROP
iptables -A INPUT -s 129.146.12.0/24 -j DROP
iptables -A INPUT -s 129.146.112.0/20 -j DROP
iptables -A INPUT -s 147.154.32.0/20 -j DROP
ip6tables -A INPUT -s 2603:c022:8000::/35 -j DROP
iptables -A INPUT -s 130.35.128.0/22 -j DROP
iptables -A INPUT -s 129.146.10.0/23 -j DROP
iptables -A INPUT -s 138.1.8.0/22 -j DROP
iptables -A INPUT -s 130.35.120.0/21 -j DROP
iptables -A INPUT -s 130.61.96.0/23 -j DROP
iptables -A INPUT -s 132.145.160.0/20 -j DROP
iptables -A INPUT -s 129.146.192.0/20 -j DROP
iptables -A INPUT -s 140.91.28.0/23 -j DROP
iptables -A INPUT -s 130.35.224.0/22 -j DROP
iptables -A INPUT -s 150.136.0.0/16 -j DROP
iptables -A INPUT -s 140.91.18.0/23 -j DROP
iptables -A INPUT -s 130.35.152.0/22 -j DROP
So it's kind like fighting a war with nuclear weapons, you have to choose your collateral damage carefully. You probably can't get away with blocking the entire AS31898 map. But you might be able to block the 130.61.0.0/16, or the individual address. But if it was a colo in Hong Kong, you might dispose of the entire ASN and never have a care.