Attacks from poneytelecom.eu
list at satchell.net
Fri Jan 5 20:27:30 UTC 2018
On 01/05/2018 11:38 AM, Dovid Bender wrote:
> I may have to take back what I said. Yes the attacks stopped from what IP
> but they magically started again from another IP of theirs in a different.
> Range. seems like the attacker picked up where they left off just from a
> new UP. Almost as if they told the attacker they got complaints and they
> would need to just simply switch their IP to keep them as a customer......
Back when I joined a Web hosting company after the freelance-writing
market collapsed, I was astonished to learn that the usual response to
an abuse complaint was to move the customer to a new IP address. And
the owner of the company wondered why his entire netblock was in SORBS.
So, I took over the abuse desk. Closed four accounts out of several
thousand. And, lo and behold, I got the company out of SORBS. ("You've
got to be kidding me! And in only six weeks!" -- NANAE contributor.)
Not only did my $DAYJOB stop being a spam source, I was able to do some
things about the inflow to my customers as well.
Then there was the subpoena from the IRS, the cease-and-desist order
from a major watch company, and other fun stuff. Oh, and the court
order brought in by the Nevada Gaming Commission...and the hapless
"expert"* they brought in to do the forensic capture of the disk image.
An expert who knew NOTHING about Unix, let alone Linux.
Fun times, indeed.
I revel in my dull, dull professional life now. Lift a glass, make a
toast, sing a ditty.
* X is a mathematical quantity denoting the unknown. "Spurt" is a drip
of water under pressure. So an X-Spurt is an unknown drip under pressure.
More information about the NANOG