nanog mailing list archives
Re: Spamming and ssh attack from a customers
From: Mark Andrews <marka () isc org>
Date: Thu, 06 Jan 2011 20:11:17 +1100
In message <BLU0-SMTP18666EADDBA40B2B455F798BB0A0 () phx gbl>, Tarig Ahmed writes:
hi all I am receiving emails from many servers saying that: this ip (from a customer) is trying to attacking one of our servers. Is it appropriate to filter ssh, telnet, and smtp from my customers, or just forward the message to my customer contact persons?
I suspect that your customer is compromised and you should put them in a walled garden until they fix the problem. Look at traffic flows first however.
Thanks in advance.. Tarig Yassin Ahmed
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka () isc org
Current thread:
- Spamming and ssh attack from a customers Tarig Ahmed (Jan 06)
- Re: Spamming and ssh attack from a customers Mike (Jan 06)
- FW: Spamming and ssh attack from a customers Tarig Yassin (Jan 06)
- Re: Spamming and ssh attack from a customers Mark Andrews (Jan 06)
- Re: Spamming and ssh attack from a customers Mike (Jan 06)