Re: [mailop] Chuckle of the day..

Thu, 18 Mar 2021 08:39:26 -0700 

Actually, apparently this specific IP Address is supposed to be..
"That is a Security company based in South Korea, not a bad actor. They are scanning IPs for research purposes, which is not illegal or nefarious.Here is the company's linked In: https://www.linkedin.com/company/aispera"; 

However, their bot is broken..

But yes, lot's of reports from the parent network holder..
A lot of vulnerability scans, but also various actual AUTH attempts
Cutwail type signatures etc..
Of course, do your own research.. Not all companies who purport to be 'research purposes' are white hats.. 


On 2021-03-17 11:47 p.m., Peter Nicolai Mathias Hansteen wrote:




17. mar. 2021 kl. 23:46 skrev Michael Peddemors via mailop <mailop@mailop.org>:

Never get enough chance to look at logs anymore but this one jumped out while 
checking something out..

89.248.169.12 -> 587 GeoIP = [GB] PTR = security.criminalip.com

hehehe.. wonder if we should help them fix their broken bot..


I thought there were more, but at least we have

$ doas spamdb | grep 89.248.169
TRAPPED|89.248.169.12|1616119406

$ grep 89.248.169 pop3gropers.txt
    89.248.169.12
    89.248.169.16
    89.248.169.36

It’s more than likely they have more than one netback though, since that whois 
output (snipped here for brevity) seems very familiar. ENOCOFFEE means no 
further checks from here at the moment, but yes, they are worthy of LARTing.

- Peter

—
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.








--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Reply via email to