Re: More scans from .ru

[Vladimir Ivaschenko <hazard () HAZARD MAKS NET>]

Paul Taylor wrote about "More scans from .ru":

> Is anyone else sick of seeing the russians?:

Gee, I guess so - I see myself in the mirror every day :)

> 2001-03-22 20:15:40 167.140.19.2  194.67.25.10   HTTP UTF8 backtick
> 2001-03-22 20:15:40 167.140.19.2  194.67.25.10  IIS system32 command
>
> It seems like we get scanned with this crap at least three times per week,
> and 99% of the time it is either from a .ru or a .ua address.
>
> Response from abuse@ for any of them is non-existant.

Its better not to write to abuse, write to contact addresses in RIPE.
Usually people there have better knowledge of English. In your case it
seems that scanning goes from the system network of one of the
Russia's top-level providers, so you have a chance of finding someone who
can help.

--
Best Regards
Vladimir Ivaschenko
RedHat Certified Linux Engineer (RHCE)