[173837] in North American Network Operators' Group
Re: Dealing with abuse complaints to non-existent contacts
daemon@ATHENA.MIT.EDU (Paul S.)
Sun Aug 10 12:45:14 2014
X-Original-To: nanog@nanog.org
Date: Mon, 11 Aug 2014 01:44:59 +0900
From: "Paul S." <contact@winterei.se>
To: nanog@nanog.org
In-Reply-To: <CAO8NbkRLFtdOs+6sOmEWzRpi3ONwShjPGvicnVQb46MAk+5Lnw@mail.gmail.com>
Errors-To: nanog-bounces@nanog.org
It would appear you've done your part in trying to reach out (and
subsequently failed), so the next step to go is dropping all traffic
from it.
Nothing wrong with trying to protect your own customer from people who
cannot be bothered to do their own due diligence.
On 8/11/2014 午前 12:19, Gabriel Marais wrote:
> Hi Nanog
>
> I'm curious.
>
> I have been receiving some major ssh brute-force attacks coming from random
> hosts in the 116.8.0.0 - 116.11.255.255 network. I have sent a complaint to
> the e-mail addresses obtained from a whois query on one of the IP Addresses.
>
> My e-mail bounced back from both recipients. Once being rejected by filter
> and the other because the e-mail address doesn't exist. I would have
> thought that contact details are rather important to be up to date, or not?
>
> Besides just blocking the IP range on my firewall, I was wondering what
> others would do in this case?
>
>
> Regards, Gabriel
