Sorry wasn’t meant directly aimed at you… unless you are the same person \?
> On Feb 5, 2021, at 09:12, J. Hellenthal <jhellent...@dataix.net> wrote: > > And just like deploying IoT devices in vehicles without proper security > preparations will lead you to a C&C network … just saying the hammer swings > both ways here and getting a IP reported isn’t going to do you any damn good > at ALL. > > Personally I’d rip those IoT vehicles off the market for a recall but I > suspect we’ll be hearing of that in the not to distant future. > > So in hindsight why don’t we just close down this thread here. > >> On Feb 5, 2021, at 08:50, Joe <jbfixu...@gmail.com> wrote: >> >> Much like your banning of an email address is an ability you have with your >> provider (gmail), you should have the same abilities with your cellular >> provider for an IP address. >> I would think (at a minimum) you would be able to negotiate such an action >> with them, perhaps it is time to re-negotiate that contract? >> If your simply trying to report an offending IP for brute force stuff >> perhaps the tact you may find more helpful is to ask for a contact at xzy >> ISP on list, versus asking folks to do reporting for you. As well there are >> like 100s of lists to report this to outside of NANOG >> As well, if I am reading this correctly, deployment of devices that have >> public facing IPs and do not have a means to protect themselves is >> concerning to say the least. >> This is about as reckless as putting up a login page without a password and >> crying foul when something gains access that you didn't expect. Again, I do >> not know all of the details of this so I may be way off base with that >> respect. >> >> If your ability to prevent issues is due to lack of a firewall/control to >> your network, possibly asking for help in mitigating such threats would be >> better, as there are a lot of very well versed/clever folks that help out. >> Regards, >> -Joe >> >> >> On Thu, Feb 4, 2021 at 7:17 PM JoeSox <joe...@gmail.com> wrote: >> Ryan, >> Thanks but like I said these devices are in moving vehicles ok? >> I stated we have a plan but it is ways out. >> FACT: we have a known malicious C&C >> FACT: We know what networks it is hitting and the cellular network is the >> most vulnerable, imo. >> FACT: this IP is against Verizon terms of service so the way to address it >> is to report it to them as they request. >> >> I honestly got what I needed from this thread, thanks. And I thank the >> nonbullies that helped me off list. >> -- >> Thank You, >> Joe >> >> >> On Thu, Feb 4, 2021 at 5:11 PM Ryan Hamel <administra...@rkhtech.org> wrote: >> Joe, >> >> >> >> It isn’t on Verizon to setup a firewall, especially if you have a direct >> public IP service. The device being attached directly to the Internet (no >> matter the transmission medium), must be able to protect itself. ISPs >> provide routers which function as a NAT/Firewall appliance, to provide a >> means of safety and convenience for them, but also charge you a rental fee. >> >> >> >> Stick a Cradlepoint router or something in front of your device, if you want >> an external means of protection. Otherwise you’ll need to enable the Windows >> Firewall if it’s a Windows system, or setup iptables on Linux, ipfw/pf on >> *BSD, etc. >> >> >> >> Ryan >> >> >> >> From: JoeSox <joe...@gmail.com> >> Sent: Thursday, February 4, 2021 5:04 PM >> To: r...@rkhtech.org >> Cc: TJ Trout <t...@pcguys.us>; NANOG <nanog@nanog.org> >> Subject: Re: Suspicious IP reporting >> >> >> >> How do I setup a firewall when I am not a Verizon engineer? >> >> There is a firewall via the antivirus and operating system but that's it. >> >> Do you not understand my issue? I thought that is the real problem with the >> online bullies in this thread. >> >> -- >> >> Thank You, >> >> Joe >> >> >> >> >> >> On Thu, Feb 4, 2021 at 5:01 PM Ryan Hamel <administra...@rkhtech.org> wrote: >> >> Joe, >> >> >> >> The underlying premise here is, “pick your battles”. If you don’t want an IP >> address to access your device in anyway, setup a firewall and properly >> configure it to accept whitelisted traffic only, or just expose a VPN >> endpoint. The Internet is full of both good and bad actors that probe and >> scan anything and everything. >> >> >> >> While some appreciate the notification here, others will find it annoying. >> We cannot report anything malicious about an IP address on the Internet, >> unless it does harm to us specifically, otherwise it is false reporting and >> does create more noise at the ISP, and waste more time getting to the >> underlying issue. >> >> >> >> Ryan >> >> >> >> From: NANOG <nanog-bounces+ryan=rkhtech....@nanog.org> On Behalf Of JoeSox >> Sent: Thursday, February 4, 2021 4:41 PM >> To: TJ Trout <t...@pcguys.us> >> Cc: NANOG <nanog@nanog.org> >> Subject: Re: Suspicious IP reporting >> >> >> >> Do others see this online bully started by Tom? The leader has spoken so the >> minions follow :) >> >> This list sometimes LOL >> >> I think if everyone gets off their high horse, the list communication would >> be less noisy for the list veterans. >> >> -- >> >> Thank You, >> >> Joe >> >> >> >> >> >> On Thu, Feb 4, 2021 at 4:36 PM TJ Trout <t...@pcguys.us> wrote: >> >> This seems like a highly suspect request coming from a North American >> network operator...? >> >> >> >> >> >> On Thu, Feb 4, 2021 at 10:23 AM JoeSox <joe...@gmail.com> wrote: >> >> >> >> This IP is hitting devices on cellular networks for the past day or so. >> >> https://www.abuseipdb.com/whois/79.124.62.86 >> >> I think this is the info to report it to the ISP. Any help or if everyone >> can report it, I would be a happy camper. >> >> >> >> ab...@4cloud.mobi; ab...@fiberinternet.bg >> >> >> >> https://en.asytech.cn/check-ip/79.124.62.25#gsc.tab=0 >> >> >> >> -- >> >> Thank You, >> >> Joe >> > > > -- > > J. Hellenthal > > The fact that there's a highway to Hell but only a stairway to Heaven says a > lot about anticipated traffic volume. > > > > > > -- J. Hellenthal The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.
