Security Incidents mailing list archives

Re: scan log and subsequent response from the host's ISP

From: goemon () SASAMI ANIME NET (Dan Hollis)
Date: Fri, 7 Jul 2000 15:11:24 -0700


On Fri, 7 Jul 2000, Michal Nazarewicz wrote:

Wednesday, Dan Hollis wrote:
DH>Hm time to blackhole route 212.216.184.0 - 212.216.191.255? Their response
DH>definitely makes them rogue.
I did it already; I think, it's time to blackhole also some of .kr and .br
networks...


At one time I might have included .pl in that list :-) Thankfully someone
seems to have taken a clue-by-four to the networks there. Someone hired
.it and .gr mafia to have a chat with .pl network admins? :-)

As for .kr / .br I think its mainly the language barriers causing
problems. Hopefully they will get clued in eventually. This is changing,
slowly, for .jp and .hk thanks to the herculean efforts of some of the
asia-pacific guys.

I think .cn is the only truly rogue TLD right now. Even .ru seems to be
coming around :-)

-Dan

Current thread:

Simultaneous Attacks, (continued)
- - Simultaneous Attacks Harlan S. Barney, Jr. (Jul 06)
    - Re: Simultaneous Attacks Valdis Kletnieks (Jul 07)
    - Re: Simultaneous Attacks Ryan Russell (Jul 07)
    - Ehm... what? (Re: Simultaneous Attacks) Martin Macok (Jul 11)
    - Re: Simultaneous Attacks Richard Bejtlich (Jul 11)
- Re: scan log and subsequent response from the host's ISP Ejovi Nuwere (Jul 06)
- Re: scan log and subsequent response from the host's ISP Brooke, O'Neil (Jul 06)
  - Re: scan log and subsequent response from the host's ISP Jason Storm (Jul 07)
  - 6200/tcp Werner Iknaroff-Zhikovsky (Jul 09)
- Re: scan log and subsequent response from the host's ISP Michal Nazarewicz (Jul 07)
  - Re: scan log and subsequent response from the host's ISP Dan Hollis (Jul 07)
    - Re: scan log and subsequent response from the host's ISP Michal Nazarewicz (Jul 07)
    - Re: scan log and subsequent response from the host's ISP Osvaldo Janeri Filho (Jul 10)
    - Intrusion, WuFTP exploit? David Knaack (Jul 07)
    - Re: scan log and subsequent response from the host's ISP Philipp Buehler (Jul 11)
  - Re: scan log and subsequent response from the host's ISP Pauel Loshkin (Jul 07)
    - Re: scan log and subsequent response from the host's ISP Dan Hollis (Jul 10)
    - Re: scan log and subsequent response from the host's ISP Pavel Lozhkin (Jul 10)
    - Snort (about large-udp attack) JW Oh (Jul 10)
  - lifestages on IRC Omicron N (Jul 09)
    - Re: lifestages on IRC Robert van der Meulen (Jul 10)

(Thread continues...)