SSH bruteforce attempts from Verizon to "AS17452 Bitstop Inc"

Hi, I am a customer of Verizon Fios in NYC and received a very interesting abuse complaint today from ab...@verizon.com. I got SSH bruteforce attempts between my IP address and this IPv4 prefix: 202.91.160.0/20 This is hosted on a network called "AS17452 Bitstop Inc". My connection runs To

Re: SSH bruteforce attempts from Verizon to "AS17452 Bitstop Inc"

Hi Neel, this might be an interesting read for you: https://delroth.net/posts/spoofed-mass-scan-abuse/ Scott On Thursday, 31/10/2024 at 14:38 Neel Chauhan wrote: Hi, I am a customer of Verizon Fios in NYC and received a very interesting abuse complaint today from ab...@verizon.com. I got S

Reminder to Submit Presentations for NANOG 93

NANOG Community at large, The NANOG Program Committee (PC) would like to remind you that we are now accepting proposals for in-person or live remote presentations at all sessions of NANOG 93, taking place in Atlanta, GA on February 3-5, 2025. Below is a summary of key details and dates from the

N93 Registration is OPEN! Election Results Are In...+ More!

*** 🎃👻 Happy Halloween from NANOG!* Stay safe, secure your network, and enjoy the treats (online and off)! 🦇💻 *** NANOG Election Results are In* *Congratulations Board Members!

Re: SSH bruteforce attempts from Verizon to "AS17452 Bitstop Inc"

Good to hear it's not just me. It seems spoofed TCP/IP headers are used on Tor relay IP addresses, hoping to get away with it as "tor traffic" even when they're non-exit relays. I mean running an exit relay from home is a can of worms if you don't have a static IP block and supportive ISP. My

Re: SSH bruteforce attempts from Verizon to "AS17452 Bitstop Inc"

Don't you have some flow data you can analyze for those time frames to see what on your net it transmitting ? If not I'd suggest you set something up and see all outbound traffic to port 22. -- J. Hellenthal The fact that there's a highway to Hell but only a stairway to Heaven says a lot abo