used-for-c-c-and-data-exfiltration/
Could it be that what the OP observed is link to a browser vulnerability
started to be exploited recently?
Cheers,
Jean
From: NANOG On Behalf Of Joe
Sent: February 5, 2021 9:51 AM
To: JoeSox
Cc: NANOG
Subject: Re: Suspicious IP reporting
Much
gt;> Windows Firewall if it’s a Windows system, or setup iptables on Linux,
>> ipfw/pf on *BSD, etc.
>>
>>
>>
>> Ryan
>>
>>
>>
>> *From:* JoeSox
>> *Sent:* Thursday, February 4, 2021 5:04 PM
>> *To:* r...@rkhtech.org
>> *Cc
;> means of safety and convenience for them, but also charge you a rental fee.
>>
>>
>>
>> Stick a Cradlepoint router or something in front of your device, if you want
>> an external means of protection. Otherwise you’ll need to enable the Windows
>> Firewall if i
ick a Cradlepoint router or something in front of your device, if you want
> an external means of protection. Otherwise you’ll need to enable the Windows
> Firewall if it’s a Windows system, or setup iptables on Linux, ipfw/pf on
> *BSD, etc.
>
>
>
> Ryan
>
>
t;> Stick a Cradlepoint router or something in front of your device, if you
>> want an external means of protection. Otherwise you’ll need to enable the
>> Windows Firewall if it’s a Windows system, or setup iptables on Linux,
>> ipfw/pf on *BSD, etc.
>>
>>
>&
tection. Otherwise you’ll need to enable the
>> Windows Firewall if it’s a Windows system, or setup iptables on Linux,
>> ipfw/pf on *BSD, etc.
>>
>>
>>
>> Ryan
>>
>>
>>
>> *From:* JoeSox
>> *Sent:* Thursday, February 4, 2021 5:04 PM
>>
es on Linux,
> ipfw/pf on *BSD, etc.
>
>
>
> Ryan
>
>
>
> *From:* JoeSox
> *Sent:* Thursday, February 4, 2021 5:04 PM
> *To:* r...@rkhtech.org
> *Cc:* TJ Trout ; NANOG
> *Subject:* Re: Suspicious IP reporting
>
>
>
> How do I setup a firewall when I
Linux, ipfw/pf on *BSD,
etc.
Ryan
From: JoeSox
Sent: Thursday, February 4, 2021 5:04 PM
To: r...@rkhtech.org
Cc: TJ Trout ; NANOG
Subject: Re: Suspicious IP reporting
How do I setup a firewall when I am not a Verizon engineer?
There is a firewall via the antivirus and operating system
specifically, otherwise it is false reporting and
> does create more noise at the ISP, and waste more time getting to the
> underlying issue.
>
>
>
> Ryan
>
>
>
> *From:* NANOG *On Behalf Of *
> JoeSox
> *Sent:* Thursday, February 4, 2021 4:41 PM
> *To:* TJ Trout
ISP, and waste more time getting to the underlying issue.
Ryan
From: NANOG On Behalf Of JoeSox
Sent: Thursday, February 4, 2021 4:41 PM
To: TJ Trout
Cc: NANOG
Subject: Re: Suspicious IP reporting
Do others see this online bully started by Tom? The leader has spoken so the
minions
Do others see this online bully started by Tom? The leader has spoken so
the minions follow :)
This list sometimes LOL
I think if everyone gets off their high horse, the list communication would
be less noisy for the list veterans.
--
Thank You,
Joe
On Thu, Feb 4, 2021 at 4:36 PM TJ Trout wrote
This seems like a highly suspect request coming from a North American
network operator...?
On Thu, Feb 4, 2021 at 10:23 AM JoeSox wrote:
>
> This IP is hitting devices on cellular networks for the past day or so.
> https://www.abuseipdb.com/whois/79.124.62.86
> I think this is the info to rep
you are only penalizing yourself by banning him. I would personally
> not ban him.
>
>
>
> J
>
>
>
> *From:* Jean St-Laurent
> *Sent:* February 4, 2021 6:28 PM
> *To:* 'JoeSox' ; 'Tom Beecher'
> *Cc:* 'NANOG'
> *Subject:* RE: S
: February 4, 2021 6:28 PM
To: 'JoeSox' ; 'Tom Beecher'
Cc: 'NANOG'
Subject: RE: Suspicious IP reporting
So what? I’ve scanned the internet more than 100’ times on all ports/protocols
than you can imagine with zmap and many other shabby tools.
I agree with To
: Suspicious IP reporting
Tom,
Others are seeing it as I provided the website that shows others are seeing it.
https://www.abuseipdb.com/check/79.124.62.86
I think it is pretty poor form to be ignorant.
Congrats you have been banned from my gmail account straight to the deleted.
On Thu
Tom,
Others are seeing it as I provided the website that shows others are seeing
it.
https://www.abuseipdb.com/check/79.124.62.86
I think it is pretty poor form to be ignorant.
Congrats you have been banned from my gmail account straight to the deleted.
On Thu, Feb 4, 2021 at 1:12 PM Tom Beeche
I think it's pretty poor form to ask people to report an IP for doing
something they are not seeing themselves, and may not even be abuse. What
does "hitting devices" mean? Pings? SNMP?
This sort of thing contributes to abuse reponses being poor; lots of noise,
not much signal.
On Thu, Feb 4, 202
This IP is hitting devices on cellular networks for the past day or so.
https://www.abuseipdb.com/whois/79.124.62.86
I think this is the info to report it to the ISP. Any help or if everyone
can report it, I would be a happy camper.
ab...@4cloud.mobi; ab...@fiberinternet.bg
https://en.asytech.
18 matches
Mail list logo
