This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] Abuse Report ignored. What to do as next?

Previous message (by thread): [anti-abuse-wg] Reminder Call For Agenda Items - RIPE87
Next message (by thread): [anti-abuse-wg] Abuse Report ignored. What to do as next?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

U.Mutlu security at mutluit.com
Tue Oct 31 21:55:52 CET 2023

Hello,

the IP 80.94.95.181 is endlessly (ie. brute-force) trying
to hack our emailserver by attempting to login as a user.
The login attempts of course fail, and we have blocked
that IP in the firewall.

But this IP still continues sending packets to our server,
eventhough his packets get dropped/rejected by our firewall.
This now of course constitutes a DoS attack.

10 days ago we filed an Abuse Report to the abuse address
given in the WHOIS database for this IP:
% Abuse contact for '80.94.95.0 - 80.94.95.255' is 
'internethosting-ltd at yandex.ru'

But this hoster seems to ignore all Abuse Reports,
b/c researching this IP on the web shows that
it's a well known abuser IP and many people have
reported and complained about this IP. For example see this:
https://www.abuseipdb.com/check/80.94.95.181

So, what to do if the hoster is uncooperative, like in this case?
Where else to complain, what else to do?

Thx

U.Mutlu
admin & hostmaster

Previous message (by thread): [anti-abuse-wg] Reminder Call For Agenda Items - RIPE87
Next message (by thread): [anti-abuse-wg] Abuse Report ignored. What to do as next?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]