On Wed, Mar 12, 2008 at 03:46:00AM +0000, Paul Ferguson wrote:
>
> I have repeatedly notified both Layered Technologies and SoftLayer on
> malicious (and criminal) activities occurring in their IP address space
> (their hosting facilities), but it continues to happen on a regular basis
> (for over a year). Apparently, they don't seem to police their own
> backyards, so it might be worthwhile to consider blocking these IP blocks
> until they clean up their act.
I've seen incoming spam from all of these. I recommend blacklisting
them outright on all your mail servers. No doubt these are only a
subset of the blocks infested, and no doubt there are far worse
things than spam associated with them, but it's at least a start.
67.228.10.0/24 softlayer-dirty 2007
67.228.11.0/24 softlayer-dirty 2007
67.228.39.0/24 softlayer-dirty 2007
67.228.55.0/24 softlayer-dirty jan2008
67.228.97.0/24 softlayer-dirty jan2008
67.228.98.0/24 softlayer-dirty jan2008
67.228.100.0/24 softlayer-dirty 2007
67.228.110.0/24 softlayer-dirty jan2008
72.232.96.0/24 layeredtech-dirty 2007
72.232.179.0/24 layeredtech-dirty 2007
72.232.191.0/24 layeredtech-dirty 2007
72.232.192.0/24 layeredtech-dirty 2007
72.232.243.0/24 layeredtech-dirty 2007
74.86.52.0/24 softlayer-dirty jan2008
74.86.68.0/24 softlayer-dirty 2007
74.86.94.0/24 softlayer-dirty jan2008
74.86.111.0/24 softlayer-dirty 2007
74.86.203.0/24 softlayer-dirty 2007
74.86.224.0/24 softlayer-dirty 2007
74.86.239.0/24 softlayer-dirty 2007
75.126.19.0/24 softlayer-dirty 2007
75.126.69.0/24 softlayer-dirty 2007
75.126.80.0/24 softlayer-dirty 2007
208.101.10.0/24 softlayer-dirty feb2008
208.101.34.0/24 softlayer-dirty 2007
208.101.36.0/24 softlayer-dirty 2007
---Rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
