RE: Avast / Privax abuse contact

[Jack Barrett <jbarrett () calltower com>]

I agree.  Complaints are rarely acknowledged and never promptly.  We simply use a combination of Fail2Ban and remote 
trigger black hole filtering to drop the inbound traffic from probing IPs at our borders.

-----Original Message-----
From: NANOG <nanog-bounces () nanog org> On Behalf Of Dovid Bender
Sent: Wednesday, August 1, 2018 3:09 PM
To: Matt Harris <matt () netfire net>
Cc: North American Network Operators' Group <nanog () nanog org>
Subject: Re: Avast / Privax abuse contact

Matt,

Rarely do we ever get a response when we file complaints for SIP traffic.
We simply use Kamilio and where have known bad UA's we just drop the packets and ban the IP's (using Fail2Ban), it will 
save you a lot of grief.
It's like trying to go after every get request to phpMyAdmin.



On Wed, Aug 1, 2018 at 1:11 PM, Matt Harris <matt () netfire net> wrote:

> Anybody know anyone at or anything about Privax or Avast?  AS 198605 
> is announcing the problem networks.
>
> Getting a ton of SIP brute force attacks from their space, and emails 
> with addresses/timestamps to the abuse contacts listed at RIRs/etc 
> have not yieled any responses.  Attacks still coming.
>
> Thanks!