Avast / Privax abuse contact
jbarrett at calltower.com
Wed Aug 1 22:34:16 UTC 2018
I agree. Complaints are rarely acknowledged and never promptly. We simply use a combination of Fail2Ban and remote trigger black hole filtering to drop the inbound traffic from probing IPs at our borders.
From: NANOG <nanog-bounces at nanog.org> On Behalf Of Dovid Bender
Sent: Wednesday, August 1, 2018 3:09 PM
To: Matt Harris <matt at netfire.net>
Cc: North American Network Operators' Group <nanog at nanog.org>
Subject: Re: Avast / Privax abuse contact
Rarely do we ever get a response when we file complaints for SIP traffic.
We simply use Kamilio and where have known bad UA's we just drop the packets and ban the IP's (using Fail2Ban), it will save you a lot of grief.
It's like trying to go after every get request to phpMyAdmin.
On Wed, Aug 1, 2018 at 1:11 PM, Matt Harris <matt at netfire.net> wrote:
> Anybody know anyone at or anything about Privax or Avast? AS 198605
> is announcing the problem networks.
> Getting a ton of SIP brute force attacks from their space, and emails
> with addresses/timestamps to the abuse contacts listed at RIRs/etc
> have not yieled any responses. Attacks still coming.
More information about the NANOG