nanog mailing list archives

Re: Microsoft is hacking my Asterisk??? O_o


From: Mike Hammett <nanog () ics-il net>
Date: Tue, 3 Nov 2020 14:52:56 -0600 (CST)

When I had honeypot blacklisting for my whole network, I ran across people spoofing the Google authoritative name servers.




----- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

----- Original Message -----

From: "Dovid Bender" <dovid () telecurve com> 
To: "Mike Hammett" <nanog () ics-il net> 
Cc: "Josh Luthman" <josh () imaginenetworksllc com>, "NANOG list" <nanog () nanog org> 
Sent: Tuesday, November 3, 2020 2:47:58 PM 
Subject: Re: Microsoft is hacking my Asterisk??? O_o 


We have seen 8.8.8.8 end up on some ban lists.




On Tue, Nov 3, 2020 at 3:17 PM Mike Hammett < nanog () ics-il net > wrote: 




Ah, so then potentially spoofed, trying to get people to honeypot blacklist XBox. 




----- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 



From: "Josh Luthman" < josh () imaginenetworksllc com > 
To: "Mike Hammett" < nanog () ics-il net > 
Cc: "Max Tulyev" < maxtul () netassist ua >, "NANOG list" < nanog () nanog org > 
Sent: Tuesday, November 3, 2020 2:03:01 PM 
Subject: Re: Microsoft is hacking my Asterisk??? O_o 


I've seen that, a shared IP on Azure that hit my honeypot IP. Ended up being an Xbox authentication IP address one day. 





Josh Luthman 
24/7 Help Desk: 937-552-2340 
Direct: 937-552-2343 
1100 Wayne St 
Suite 1337 
Troy, OH 45373 



On Tue, Nov 3, 2020 at 2:59 PM Mike Hammett < nanog () ics-il net > wrote: 

Azure?

-----
Mike Hammett
Intelligent Computing Solutions

Midwest Internet Exchange

The Brothers WISP

From: "Max Tulyev" < maxtul () netassist ua >
To: nanog () nanog org
Sent: Tuesday, November 3, 2020 1:55:45 PM
Subject: Microsoft is hacking my Asterisk??? O_o

Hi All,

I have just seen a number of IPs trying to brute-force my VoIP server
from the Microsoft network. For example, 13.90.148.133, 20.55.203.249,
40.76.244.210... Traceroute really goes to MSN. More than half of all the
usual attempts to hack my Asterisk that I got today came from MSN.

What is happening? Am I missing something?

