[104709] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: amazonaws.com?

daemon@ATHENA.MIT.EDU (Steve Atkins)
Fri May 23 20:42:35 2008

From: Steve Atkins <steve@blighty.com>
To: nanog@nanog.org
In-Reply-To: <200805232359.m4NNxUEY020333@world.std.com>
Date: Fri, 23 May 2008 17:42:26 -0700
Errors-To: nanog-bounces@nanog.org


On May 23, 2008, at 4:59 PM, Barry Shein wrote:

>
> Is it just us or does someone pWn *.amazonaws.com?
>
> Every one of our mail servers is being slammed by I'm not sure what
> but many thousands of user unknowns per hour (fortunately we handle
> those pretty quickly but this is a deluge.)
>
> All I know is "amazonaws.com" is "Amazon Web Services", not sure if
> these particular systems should be sending email at all, the hostnames
> look like:

It's a compute farm. Anyone can rent time on it. The processes
they run will be assigned to random machines in the farm, AIUI,
and will have full network access.

If you're seeing something more egregious than just deluges of spam
then ec2-abuse@amazon.com would likely be the right people
to talk to.

They've been contacted about it and, AIUI, state that the spam being  
sent
from there is not something they're going to take action on.

I suspect that taking the obvious preemptive action w.r.t. 67.202.0.0/18
is likely to be more effective than relying on their abuse staff.

Cheers,
   Steve



home help back first fref pref prev next nref lref last post