Security Incidents mailing list archives
Re: More scans from .ru
From: Vladimir Ivaschenko <hazard () HAZARD MAKS NET>
Date: Fri, 23 Mar 2001 19:06:33 +0300
Paul Taylor wrote about "More scans from .ru":
Is anyone else sick of seeing the russians?:
Gee, I guess so - I see myself in the mirror every day :)
2001-03-22 20:15:40 167.140.19.2 194.67.25.10 HTTP UTF8 backtick 2001-03-22 20:15:40 167.140.19.2 194.67.25.10 IIS system32 command It seems like we get scanned with this crap at least three times per week, and 99% of the time it is either from a .ru or a .ua address. Response from abuse@ for any of them is non-existant.
Its better not to write to abuse, write to contact addresses in RIPE. Usually people there have better knowledge of English. In your case it seems that scanning goes from the system network of one of the Russia's top-level providers, so you have a chance of finding someone who can help. -- Best Regards Vladimir Ivaschenko RedHat Certified Linux Engineer (RHCE)
Current thread:
- More scans from .ru Paul Taylor (Mar 23)
- Re: More scans from .ru Vladimir Ivaschenko (Mar 23)