nanog mailing list archives
Re: Attacks from poneytelecom.eu
From: Rich Kulawiec <rsk () gsp org>
Date: Wed, 3 Jan 2018 04:12:53 -0500
On Tue, Jan 02, 2018 at 11:35:14PM -0800, Troy Mursch wrote:
Back in September, I documented my poor experience with AS12876 here:
[snip] That AS has been originating brute-force attacks against ssh, pop, imap, etc. for at least four years (and likely longer, but I didn't have older logs handy). It's also a persistent high-volume source of spam. Its operators are either thoroughly incompetent or fully complicit; there's no way to tell from outside and operationally, it makes no difference. So at minimum I recommend blocking all connections from it to authenticated services and refusing all SMTP traffic from rev.poneytelecom.eu and rev.cloud.scaleway.com. ---rsk
Current thread:
- Re: Attacks from poneytelecom.eu, (continued)
- Re: Attacks from poneytelecom.eu Rob McEwen (Jan 04)
- Re: Attacks from poneytelecom.eu William Herrin (Jan 04)
- Re: Attacks from poneytelecom.eu Dan Hollis (Jan 04)
- Re: Attacks from poneytelecom.eu William Herrin (Jan 04)
- Re: Attacks from poneytelecom.eu Stephen Satchell (Jan 04)
- Re: Attacks from poneytelecom.eu bzs (Jan 05)
- Re: Attacks from poneytelecom.eu Radu-Adrian Feurdean (Jan 06)
- Re: Attacks from poneytelecom.eu Dan Hollis (Jan 04)
- Re: Attacks from poneytelecom.eu valdis . kletnieks (Jan 04)
- Re: Attacks from poneytelecom.eu Rich Kulawiec (Jan 03)
- Re: Attacks from poneytelecom.eu Tim Burke (Jan 03)
- Re: Attacks from poneytelecom.eu Fredrik Korsbäck (Jan 04)
- Re: Attacks from poneytelecom.eu Rich Kulawiec (Jan 13)
- Re: Attacks from poneytelecom.eu Tom Beecher (Jan 14)