2 comments

[ 10.0 ms ] story [ 17.8 ms ] thread
Seems like this could be solved by escalating to banning a /64 after multiple bans have been issued.
Those sure are some wonky-looking addresses. None of them are even from the 2000::/3 global unicast prefix.

Seems more likely to be a bug than an attack, since an attacker would inject plausible-looking data that couldn't be filtered out so trivially.