Security Incidents mailing list archives
Re: Scans from proxyprotector.com
From: "Kurt Seifried" <kurt () seifried org>
Date: Tue, 20 May 2003 04:11:13 -0700
If you people haven't figured this out by now it's a large scale spammer looking for open relays. The scans started on my systems on May 4, 2003 (on live systems and in dead IP space). They have continued, HEAVILY (i.e. still beating on IP's that are not in use and have no response). The ISP (race.com) has undoubtedly been contacted by numerous people (email and phone). The ISP has not taken action (last scan was <12 hour ago, again a very heavy scan). It's pretty obvious the ISP is complicit due to complete lack of action, over the source of several weeks now. My advice: simply block 64.201.96.0/20 until the scans stop. Kurt Seifried, kurt () seifried org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ ---------------------------------------------------------------------------- *** Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-incidents ----------------------------------------------------------------------------
Current thread:
- Re: Scans from proxyprotector.com, (continued)
- Re: Scans from proxyprotector.com Charles Blackburn (May 17)
- Re: Scans from proxyprotector.com Chris Boyd (May 19)
- Re: Scans from proxyprotector.com Charles Blackburn (May 20)
- RE: Scans from proxyprotector.com Shawn Duffy (May 19)
- RE: Scans from proxyprotector.com Mark Ng (May 19)
- Re: Scans from proxyprotector.com Anthony Papaleo (May 17)
- Re: Scans from proxyprotector.com Charles Blackburn (May 17)
- Re: Scans from proxyprotector.com Charles Blackburn (May 19)
- Re: Scans from proxyprotector.com Danny (May 20)
- Re: Scans from proxyprotector.com Charles Blackburn (May 20)
- Re: Scans from proxyprotector.com Kurt Seifried (May 20)
- Re: Scans from proxyprotector.com Danny (May 20)
- RE: Scans from proxyprotector.com King, Brian (May 20)
- RE: Scans from proxyprotector.com Matthew F. Caldwell (May 20)
- RE: Scans from proxyprotector.com Compton, Rich (May 20)
- Re: Scans from proxyprotector.com Kurt Seifried (May 21)
- Re: Scans from proxyprotector.com Erik Fichtner (May 22)
- Are they back? (was Re: Scans from proxyprotector.com) Erik V. Olson (May 26)
- RE: Are they back? (was Re: Scans from proxyprotector.com) Mark Ng (May 27)
- RE: Are they back? (was Re: Scans from proxyprotector.com) jlewis (May 28)
- Re: Scans from proxyprotector.com Kurt Seifried (May 21)
- Re: Scans from proxyprotector.com Justin Pryzby (May 22)
- Re: Scans from proxyprotector.com Valdis . Kletnieks (May 22)