[155865] in North American Network Operators' Group
Re: Bizarre (.bz) abuse report - are we alone?
daemon@ATHENA.MIT.EDU (valdis.kletnieks@vt.edu)
Tue Aug 28 08:39:10 2012
To: Jay Hennigan <jay@west.net>
In-Reply-To: Your message of "Sun, 26 Aug 2012 19:35:54 -0700."
<503ADD0A.3030505@west.net>
From: valdis.kletnieks@vt.edu
Date: Tue, 28 Aug 2012 08:37:30 -0400
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1346157450_2013P
Content-Type: text/plain; charset=us-ascii
On Sun, 26 Aug 2012 19:35:54 -0700, Jay Hennigan said:
> On 8/25/12 3:29 PM, no-reply@abuse.bz wrote:
> > We have noticed illegal activity from [redacted] aimed at one of our servers.
> > Please disable these brute force attempts, port scans and/or neighbour scanning technologies.
I haven't seen something this clue-challenged since the CIRT for one of the US
military branches sent me an e-mail about network probes. Turned out that it
was our Listserv machine, trying to send to the IP address that was listed as
an MX for one of their subdomains, and said IP didn't have anything listening
at port 25.
--==_Exmh_1346157450_2013P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iQIVAwUBUDy7igdmEQWDXROgAQLF0Q//SdqclVGnvUI9RLVbJItAxVKsvfIH4l6x
cSsHzEd2M8DO5KgC7LcKe18q2FR26vbdwkqlldvxC0Zg+RrW7MlcHkg1J/x1H/FN
FTgAOx5SGsWUTvIx6oW4Zh+R+RlaRTSNCwP/ElEpbMiOZwiLpDNw1owxx/Op02io
HpEVnwVi9Y4znXNua576SEnaa2z36e0uthwEiYLjuL7ckEE4p1X+w9izPMI6smeT
TrQ4DTzbW8u7A34jyy+kkBt/9mAiffhE87DAEGN4FBrd1w2VL5LTS5luHeAqJAbo
2Mlqstyq9gSkAcctc70o18QTuBRvcNtZHZeHqfbF8nvv5lmCd1r1hZ2WpZs089gM
RMVqCPezXxMR2Cm7V26y1dpMMy54fHvbyar+YZie9VcTY5YHlVVphwNBJnCu8bvo
shdGBJbo2A3gV2nLX+reW6vz9YqibW4DB+AcILO0P7tM/cIhwJxGqYfxtHGPgbGw
loB1YbISI2rCHIIhNaAPrdO+/Iwb69y7RCuBu0Ft8Iwsw8yuXyaWwMEN6bpl7/Rn
1qIrmUWmiuGqdk/XqLVL5X262UHtZXjZe3ips4h5E8FhXKQAA175KOQ9EtAVjTcO
7t1ZeMo6XiQU+8A+DSFuUAwC4+ApUeLo/PHIfmdiID95prfmMrrYnOHn4FNhOywl
JkoolMtnAy0=
=MwiY
-----END PGP SIGNATURE-----
--==_Exmh_1346157450_2013P--
