nanog mailing list archives
Re: IP Geolocation
From: "Valdis Klētnieks" <valdis.kletnieks () vt edu>
Date: Wed, 16 Oct 2019 10:38:31 -0400
On Wed, 16 Oct 2019 12:50:17 -0000, Ryland Kremeier said:
I believe we have found 1 customer that is infected with a botnet or malware.
I've dealt with plenty of botnets working as a repair technician in the past but never had one change the public IP address of the user. Not entirely sure what this would accomplish aside from making it much easier to detect.
To detect that somebody isn't doing BCP38 filtering of their customers, you mean? :)
Attachment:
_bin
Description:
Current thread:
- IP Geolocation Travis Garrison (Oct 14)
- Re: IP Geolocation Jared Mauch (Oct 14)
- Re: IP Geolocation Josh Luthman (Oct 14)
- Re: IP Geolocation Ben Cannon (Oct 14)
- <Possible follow-ups>
- Re: IP Geolocation Paul Farag (Oct 14)
- RE: IP Geolocation Travis Garrison (Oct 16)
- RE: IP Geolocation Ryland Kremeier (Oct 16)
- Re: IP Geolocation Valdis Klētnieks (Oct 16)
- RE: IP Geolocation Travis Garrison (Oct 16)
- Re: IP Geolocation Jared Mauch (Oct 14)