Attacks from poneytelecom.eu

• Previous message (by thread): Attacks from poneytelecom.eu
• Next message (by thread): Attacks from poneytelecom.eu
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jan 02, 2018 at 11:35:14PM -0800, Troy Mursch wrote:
> Back in September, I documented my poor experience with AS12876 here:

[snip]

That AS has been originating brute-force attacks against ssh, pop, imap, etc.
for at least four years (and likely longer, but I didn't have older logs
handy).  It's also a persistent high-volume source of spam.  Its operators
are either thoroughly incompetent or fully complicit; there's no way to
tell from outside and operationally, it makes no difference.  So at minimum
I recommend blocking all connections from it to authenticated services
and refusing all SMTP traffic from rev.poneytelecom.eu and
rev.cloud.scaleway.com.

---rsk

• Previous message (by thread): Attacks from poneytelecom.eu
• Next message (by thread): Attacks from poneytelecom.eu
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]