I agree. Complaints are rarely acknowledged and never promptly. We simply use a combination of Fail2Ban and remote trigger black hole filtering to drop the inbound traffic from probing IPs at our borders.
-----Original Message----- From: NANOG <nanog-boun...@nanog.org> On Behalf Of Dovid Bender Sent: Wednesday, August 1, 2018 3:09 PM To: Matt Harris <m...@netfire.net> Cc: North American Network Operators' Group <nanog@nanog.org> Subject: Re: Avast / Privax abuse contact Matt, Rarely do we ever get a response when we file complaints for SIP traffic. We simply use Kamilio and where have known bad UA's we just drop the packets and ban the IP's (using Fail2Ban), it will save you a lot of grief. It's like trying to go after every get request to phpMyAdmin. On Wed, Aug 1, 2018 at 1:11 PM, Matt Harris <m...@netfire.net> wrote: > Anybody know anyone at or anything about Privax or Avast? AS 198605 > is announcing the problem networks. > > Getting a ton of SIP brute force attacks from their space, and emails > with addresses/timestamps to the abuse contacts listed at RIRs/etc > have not yieled any responses. Attacks still coming. > > Thanks! >
