This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] .gov .ru or .ch ?
- Previous message (by thread): [anti-abuse-wg] article
- Next message (by thread): [anti-abuse-wg] .gov .ru or .ch ?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ox
andre at ox.co.za
Fri Jun 30 07:53:34 CEST 2017
Hi All, Frequently I see new exploits, old exploits, plain old brute force and all scans from the same weird shell corporations. (of course I collect exploits, specially 0day, as they are very useful) Usually when I report hacking/security abuse (like a main bot, etc) most ISP's actually take a look and clean up, as it is bad for their network to have this there anyway.... But there are 'bullet proof' hackers as complaints never do anything, no matter how much logs and evidence is submitted. These are your government hackers, USA, China, Russia, etc. But, one of these bullet proof hackers is so k1dD13 that I have no clue what it could be (as the stuff they run, will never work, even on non patched servers/devices) - Yet complaints also have no result and the modus operandi is always the same... They have distributed small delegations, like /29 /28 /27 and on rare occasions a /26 and always registered to Kansas, USA For example IP number 69.30.255.107 Has anyone experienced anything similar and does anyone know what type of silly operation this is or what their goals could possibly be? Is it some AI learning thing? or a bit eater? or what? Andre
- Previous message (by thread): [anti-abuse-wg] article
- Next message (by thread): [anti-abuse-wg] .gov .ru or .ch ?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]