funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Danchev: More Russian Criminal Activity in The Usual Places

From: Rich Kulawiec <rsk () gsp org>
Date: Thu, 13 Mar 2008 11:09:57 -0400
On Wed, Mar 12, 2008 at 03:46:00AM +0000, Paul Ferguson wrote:


I have repeatedly notified both Layered Technologies and SoftLayer on
malicious (and criminal) activities occurring in their IP address space
(their hosting facilities), but it continues to happen on a regular basis
(for over a year). Apparently, they don't seem to police their own
backyards, so it might be worthwhile to consider blocking these IP blocks
until they clean up their act.


I've seen incoming spam from all of these.  I recommend blacklisting
them outright on all your mail servers.  No doubt these are only a
subset of the blocks infested, and no doubt there are far worse
things than spam associated with them, but it's at least a start.

        67.228.10.0/24  softlayer-dirty 2007
        67.228.11.0/24  softlayer-dirty 2007
        67.228.39.0/24  softlayer-dirty 2007
        67.228.55.0/24  softlayer-dirty jan2008
        67.228.97.0/24  softlayer-dirty jan2008
        67.228.98.0/24  softlayer-dirty jan2008
        67.228.100.0/24 softlayer-dirty 2007
        67.228.110.0/24 softlayer-dirty jan2008
        72.232.96.0/24  layeredtech-dirty       2007
        72.232.179.0/24 layeredtech-dirty       2007
        72.232.191.0/24 layeredtech-dirty       2007
        72.232.192.0/24 layeredtech-dirty       2007
        72.232.243.0/24 layeredtech-dirty       2007
        74.86.52.0/24   softlayer-dirty jan2008
        74.86.68.0/24   softlayer-dirty 2007
        74.86.94.0/24   softlayer-dirty jan2008
        74.86.111.0/24  softlayer-dirty 2007
        74.86.203.0/24  softlayer-dirty 2007
        74.86.224.0/24  softlayer-dirty 2007
        74.86.239.0/24  softlayer-dirty 2007
        75.126.19.0/24  softlayer-dirty 2007
        75.126.69.0/24  softlayer-dirty 2007
        75.126.80.0/24  softlayer-dirty 2007
        208.101.10.0/24 softlayer-dirty feb2008
        208.101.34.0/24 softlayer-dirty 2007
        208.101.36.0/24 softlayer-dirty 2007

---Rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: