nanog mailing list archives
Re: Abusive traffic from Microsoft China?
From: "Christopher Morrow" <christopher.morrow () gmail com>
Date: Thu, 8 Nov 2007 09:54:21 -0800
On 11/8/07, Church, Charles <cchurc05 () harris com> wrote:
Looks fishy. Why would a company the size of Microsoft register a single /25? I doubt MS really owns that block. Sounds more like a
They have a small office there serviced by a dsl link to the local telco (CNCGroup)... This happens all the time.
hacker playground to me.
maybe, probably not though.
Chuck -----Original Message----- From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of David Hubbard Sent: Thursday, November 08, 2007 12:23 PM To: nanog () merit edu Subject: Abusive traffic from Microsoft China? Just wondering if anyone else is seeing huge random floods of traffic from: inetnum: 202.96.51.128 - 202.96.51.255 netname: MICROSOFT-CO descr: Microsft (China) Co.Ltd country: CN admin-c: CH455-AP tech-c: SY21-AP mnt-by: MAINT-CNCGROUP-BJ changed: suny () publicf bta net cn 20060926 status: ALLOCATED NON-PORTABLE source: APNIC changed: suny () publicf bta net cn 20060926 On a nearly daily basis we see them randomly open thousands of connections from a variety of addresses in that block to multiple servers. I've emailed of coruse but that results in nothing. Probably will just end up blocking them. Thanks, David
Current thread:
- Abusive traffic from Microsoft China? David Hubbard (Nov 08)
- RE: Abusive traffic from Microsoft China? Church, Charles (Nov 08)
- Re: Abusive traffic from Microsoft China? Christopher Morrow (Nov 08)
- Re: Abusive traffic from Microsoft China? Leigh Porter (Nov 08)
- Re: Abusive traffic from Microsoft China? Dave Pooser (Nov 08)
- Re: Abusive traffic from Microsoft China? Christopher Morrow (Nov 08)
- RE: Abusive traffic from Microsoft China? Christian Nielsen (Nov 08)
- Re: Abusive traffic from Microsoft China? goemon (Nov 08)
- RE: Abusive traffic from Microsoft China? Church, Charles (Nov 08)