Misreporting abuse, it's not actually helpful: root at fireslayer.maxihost.com.br

Christopher Morrow christopher.morrow at gmail.com
Sat Jan 7 01:47:49 UTC 2012


[ABUSE] Attack comming from IP 90.185.110.92 to 189.1.164.138

So... FireSlayer, did you get a cold? or perhaps have too much to
drink? sending reports of what looks like CoD4:

16:36:58.728250 IP 90.185.110.92.27005 > 189.1.172.238.28960: UDP, length 14
16:36:58.741473 IP 90.185.110.92.27005 > 189.1.169.243.28922: UDP, length 14
16:36:58.754083 IP 90.185.110.92.27005 > 189.1.164.56.28947: UDP, length 14

server traffic to your customers is cool, it's not so cool if you send
the reports to the wrong origin asn... AS15169 doesn't actually
originate 90.185.110.0/24, it looks to me like:
AS39554   | 90.185.110.0     | FULLRATE Fullrate A/S

probably does though... I'm not sure what math tricks you may have
tried, but 39554 is in no way like 15169. Could you take some time to
disable your report generation canon and fix it before re-enabling it?
I'm not the only person getting mis-fired reports, if you want to help
everyone please turn off the canon.

thnx!
-chris

(note, we've asked privately, you don't seem to respond/listen,
perhaps publicly noting this will get:
1) your attention
2) you to stop the insanity)




More information about the NANOG mailing list