Security Incidents mailing list archives
Re: big increase in ftp scanning
From: Russell Fulton <r.fulton () AUCKLAND AC NZ>
Date: Sun, 12 Nov 2000 13:19:51 +1300
On Thu, 9 Nov 2000 11:04:28 +0100 Jan Muenther <jan () RADIO HUNDERT6 DE> wrote:
Hi,<aol>Me too</aol>. I have seen repeated DNS over TCP, ftp and other scans from dip.t-dialin.net addresses. Complaints to abuse () t-ipnet de get zero response. In the end I just blocked 212.185.223.0/24.You should try and send your complaints to abuse () t-online de. These guys generally do a good job, if you provide accurate logs. Might be more "responsive" if you talk to them in German, which I am willing to do in case you want me to.
I have also seen a lot of activity from this block -- latest is a ftp scan of our entire /16 yesterday. I have always had automated response followed by personal followup to my complaints to abuse () t-online de. In my complaints I alway supply accurate times (GPS sync'ed) and actual log records. I suspect many ISP simply black hole any report that does not have both. That said we do see a lot of activity from this block so I do wonder how effective their enforcemnet is. Russell.
Current thread:
- Re: big increase in ftp scanning, (continued)
- Re: big increase in ftp scanning Sean Michael Whipkey (Nov 01)
- Re: big increase in ftp scanning Greg Owen (Nov 01)
- Re: big increase in ftp scanning Michael Bush (Nov 02)
- Re: big increase in ftp scanning Christopher Malek (Nov 05)
- Re: big increase in ftp scanning Mike A. Harris (Nov 02)
- Re: big increase in ftp scanning Thomas Molina (Nov 05)
- Re: big increase in ftp scanning Daniel Roesen (Nov 08)
- Re: big increase in ftp scanning Tuc (Nov 08)
- Re: big increase in ftp scanning Keith Owens (Nov 09)
- Re: big increase in ftp scanning Jan Muenther (Nov 11)
- Re: big increase in ftp scanning Russell Fulton (Nov 13)
- Re: big increase in ftp scanning Andreas Ferber (Nov 14)
- Re: big increase in ftp scanning Jan Muenther (Nov 14)
- Re: big increase in ftp scanning Florian Weimer (Nov 15)
- Re: big increase in ftp scanning Dirk Meyer (Nov 11)
- Re: big increase in ftp scanning Stefan Tomlik (Nov 13)