Attacks from poneytelecom.eu

Stephen Satchell list at satchell.net
Fri Jan 5 20:27:30 UTC 2018


On 01/05/2018 11:38 AM, Dovid Bender wrote:
> I may have to take back what I said. Yes the attacks stopped from that IP
> but they magically started again from another IP of theirs in a different
> range. Seems like the attacker picked up where they left off just from a
> new IP. Almost as if they told the attacker they got complaints and they
> would need to just simply switch their IP to keep them as a customer......

Back when I joined a Web hosting company after the freelance-writing 
market collapsed, I was astonished to learn that the usual response to 
an abuse complaint was to move the customer to a new IP address.  And 
the owner of the company wondered why his entire netblock was in SORBS.

So, I took over the abuse desk.  Closed four accounts out of several 
thousand.  And, lo and behold, I got the company out of SORBS.  ("You've 
got to be kidding me!  And in only six weeks!" -- NANAE contributor.)

Not only did my $DAYJOB stop being a spam source, I was able to do some 
things about the inflow to my customers as well.

Then there was the subpoena from the IRS, the cease-and-desist order 
from a major watch company, and other fun stuff.  Oh, and the court 
order brought in by the Nevada Gaming Commission...and the hapless 
"expert"* they brought in to do the forensic capture of the disk image. 
An expert who knew NOTHING about Unix, let alone Linux.

Fun times, indeed.

I revel in my dull, dull professional life now.  Lift a glass, make a 
toast, sing a ditty.

* X is a mathematical quantity denoting the unknown.  "Spurt" is a drip 
of water under pressure.  So an X-Spurt is an unknown drip under pressure.



