Microsoft is hacking my Asterisk??? O_o
Mike Hammett
nanog at ics-il.net
Tue Nov 3 20:05:30 UTC 2020
Ah, so then potentially spoofed, trying to get people to honeypot blacklist XBox.
-----
Mike Hammett
Intelligent Computing Solutions
Midwest Internet Exchange
The Brothers WISP
----- Original Message -----
From: "Josh Luthman" <josh at imaginenetworksllc.com>
To: "Mike Hammett" <nanog at ics-il.net>
Cc: "Max Tulyev" <maxtul at netassist.ua>, "NANOG list" <nanog at nanog.org>
Sent: Tuesday, November 3, 2020 2:03:01 PM
Subject: Re: Microsoft is hacking my Asterisk??? O_o
I've seen that, a shared IP on Azure that hit my honeypot IP. Ended up being an Xbox authentication IP address one day.
Josh Luthman
24/7 Help Desk: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Tue, Nov 3, 2020 at 2:59 PM Mike Hammett < nanog at ics-il.net > wrote:
Azure?
-----
Mike Hammett
Intelligent Computing Solutions
Midwest Internet Exchange
The Brothers WISP
From: "Max Tulyev" < maxtul at netassist.ua >
To: nanog at nanog.org
Sent: Tuesday, November 3, 2020 1:55:45 PM
Subject: Microsoft is hacking my Asterisk??? O_o
Hi All,
I have just seen a number of IPs trying to brute-force my VoIP server
from Microsoft network. For example, 13.90.148.133, 20.55.203.249,
40.76.244.210... Traceroute really goes to MSN. More than a half of all
usual attempts to hack my Asterisk I got today, came from MSN.
What is happening? Am I missed something?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20201103/81dfe6fa/attachment.html>
More information about the NANOG
mailing list