Re: Hackers hijack 300, 000-plus wireless routers, make malicious changes | Ars Technica
----- Original Message -----
From: "Andrew Latham" <lathama@gmail.com>
you wanted to say "blackhole those 5.45.72.0/22 and 5.45.76.0/22",
Jay is right, it is just the /32s at the moment... Dropping the /22s could cause other sites to be blocked.
inetnum: 5.45.72.0 - 5.45.75.255 netname: INFERNO-NL-DE descr: ******************************************************** descr: * We provide virtual and dedicated servers on this Subnet. descr: * descr: * Those services are self managed by our customers descr: * therefore, we are not using this IP space ourselves descr: * and it could be assigned to various end customers. descr: * descr: * In case of issues related with SPAM, Fraud, descr: * Phishing, DDoS, portscans or others, descr: * feel free to contact us with relevant info descr: * and we will shut down this server: abuse@3nt.com descr: ******************************************************** country: NL admin-c: TNTS-RIPE tech-c: TNTS-RIPE status: ASSIGNED PA mnt-by: MNT-3NT mnt-routes: serverius-mnt source: RIPE # Filtered
Though, for the record, I see I have ssh bruteforce in my logs this week from 5.39.223.8; what it is with 5/8 this month? Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
participants (1)
-
Jay Ashworth