Port 2323/tcp

Wed Nov 16 17:25:34 UTC 2016

It's pretty much part of the IBR now. And what can a provider do, really? It's not likely he will expend much effort blocking customers. Maybe we should all start filtering 2323?

-mel via cell

> On Nov 16, 2016, at 11:53 AM, Stephen Satchell <list at satchell.net> wrote:
> 
> I've been seeing a lot of rejections in my logs for 2323/tcp.  According
> to the Storm Center, this is what the Mirai botnet scanner uses to look
> for other target devices.
> 
> Is it worthwhile to report sightings to the appropriate abuse addresses?
> (That assumes there *is* an abuse address associated with the IPv4
> address that is the source.)  Would administrations receiving these
> notices do anything with them?
> 
> Alternatively, is there anyone collecting this information from people
> like me to expose the IP addresses of possible infections?
> 
> I am toying with the idea of setting up a honey-pot, but I'm so far
> behind with $DAYJOB that such a project will have to wait a bit.
> 
> I want to be a good net citizen.  I also want to make sure I'm not
> wasting my time.
> 
> Today's crop:
> 
>> 1.34.169.183
>> 12.221.236.2
>> 14.138.22.12
>> 14.169.142.30
>> 14.174.71.158
>> 14.177.197.101
>> 31.168.146.33
>> 31.168.212.174
>> 36.71.224.179
>> 36.72.253.206
>> 37.106.18.86
>> 42.115.187.189
>> 42.117.254.248
>> 42.119.228.222
>> 43.225.195.180
>> 46.59.6.249
>> 49.114.192.91
>> 58.11.238.146
>> 58.186.231.59
>> 59.8.136.21
>> 59.49.191.4
>> 59.57.68.56
>> 59.126.35.47
>> 59.126.242.70
>> 59.127.104.67
>> 59.127.242.8
>> 60.251.125.125
>> 61.219.165.38
>> 73.84.152.194
>> 78.179.113.148
>> 78.186.61.30
>> 78.189.169.142
>> 78.226.222.234
>> 79.119.74.255
>> 81.16.8.193
>> 81.101.233.14
>> 81.214.121.43
>> 81.214.134.133
>> 81.214.137.197
>> 82.77.68.189
>> 83.233.40.141
>> 85.96.202.199
>> 85.99.121.41
>> 85.238.103.111
>> 86.121.225.48
>> 87.251.252.22
>> 88.249.224.167
>> 89.122.87.239
>> 89.151.128.198
>> 90.177.91.201
>> 92.53.52.235
>> 92.55.231.90
>> 94.31.239.178
>> 94.254.41.152
>> 94.255.162.90
>> 95.78.245.54
>> 95.106.34.92
>> 95.161.236.182
>> 96.57.103.19
>> 101.0.43.13
>> 108.203.68.245
>> 110.55.108.215
>> 110.136.233.10
>> 112.133.69.176
>> 112.165.93.130
>> 112.186.42.216
>> 113.5.224.110
>> 113.161.64.11
>> 113.169.18.153
>> 113.171.98.158
>> 113.172.4.204
>> 113.183.204.112
>> 113.188.44.246
>> 114.32.28.219
>> 114.32.87.32
>> 114.32.189.5
>> 114.34.29.167
>> 114.34.170.10
>> 114.35.153.123
>> 114.226.53.133
>> 115.76.127.118
>> 116.73.65.248
>> 116.100.170.92
>> 117.0.7.77
>> 117.1.26.234
>> 117.195.254.3
>> 118.32.44.99
>> 118.42.15.21
>> 118.43.112.120
>> 118.100.64.159
>> 118.163.191.208
>> 119.199.160.207
>> 119.202.78.47
>> 120.71.215.81
>> 121.129.203.22
>> 121.178.104.129
>> 121.180.53.143
>> 122.117.245.28
>> 123.9.72.86
>> 123.16.78.77
>> 123.23.49.149
>> 123.24.108.10
>> 123.24.250.187
>> 123.25.74.209
>> 123.27.159.13
>> 123.240.245.72
>> 124.66.99.251
>> 124.131.28.38
>> 125.166.193.206
>> 125.227.138.132
>> 138.204.203.66
>> 171.97.245.221
>> 171.224.7.147
>> 171.226.20.220
>> 171.232.118.93
>> 171.248.210.120
>> 171.249.223.213
>> 171.250.26.209
>> 173.56.21.67
>> 175.138.81.130
>> 175.203.202.232
>> 175.207.137.139
>> 175.211.251.156
>> 177.207.49.108
>> 177.207.67.170
>> 177.223.52.193
>> 178.222.246.96
>> 179.4.140.63
>> 179.235.55.39
>> 179.253.163.107
>> 180.73.117.62
>> 180.254.224.10
>> 182.37.156.98
>> 182.180.80.75
>> 182.180.123.43
>> 183.46.49.216
>> 183.144.245.235
>> 186.19.48.158
>> 186.69.170.130
>> 186.219.1.156
>> 187.104.248.17
>> 187.211.63.51
>> 188.209.153.15
>> 189.101.220.244
>> 189.234.9.147
>> 191.103.35.250
>> 191.180.198.31
>> 191.249.21.41
>> 196.207.83.23
>> 197.224.37.108
>> 201.243.225.103
>> 210.178.250.121
>> 211.7.146.51
>> 211.216.202.191
>> 213.5.216.213
>> 213.14.195.100
>> 213.170.76.149
>> 217.129.243.48
>> 218.161.121.178
>> 218.186.43.224
>> 220.85.169.133
>> 220.132.111.124
>> 220.133.24.142
>> 220.133.198.71
>> 220.133.234.229
>> 220.134.132.200
>> 220.134.193.133
>> 220.135.64.43
>> 221.145.147.78
>> 221.159.105.17
>> 221.167.64.53
>> 222.254.238.188
>> 223.154.223.159
> 