On Wed, Mar 12, 2008 at 03:46:00AM +0000, Paul Ferguson wrote:
> 
> I have repeatedly notified both Layered Technologies and SoftLayer on
> malicious (and criminal) activities occurring in their IP address space
> (their hosting facilities), but it continues to happen on a regular basis
> (for over a year). Apparently, they don't seem to police their own
> backyards, so it might be worthwhile to consider blocking these IP blocks
> until they clean up their act.

I've seen incoming spam from all of these.  I recommend blacklisting
them outright on all your mail servers.  No doubt these are only a
subset of the blocks infested, and no doubt there are far worse
things than spam associated with them, but it's at least a start.

        67.228.10.0/24  softlayer-dirty 2007
        67.228.11.0/24  softlayer-dirty 2007
        67.228.39.0/24  softlayer-dirty 2007
        67.228.55.0/24  softlayer-dirty jan2008
        67.228.97.0/24  softlayer-dirty jan2008
        67.228.98.0/24  softlayer-dirty jan2008
        67.228.100.0/24 softlayer-dirty 2007
        67.228.110.0/24 softlayer-dirty jan2008
        72.232.96.0/24  layeredtech-dirty       2007
        72.232.179.0/24 layeredtech-dirty       2007
        72.232.191.0/24 layeredtech-dirty       2007
        72.232.192.0/24 layeredtech-dirty       2007
        72.232.243.0/24 layeredtech-dirty       2007
        74.86.52.0/24   softlayer-dirty jan2008
        74.86.68.0/24   softlayer-dirty 2007
        74.86.94.0/24   softlayer-dirty jan2008
        74.86.111.0/24  softlayer-dirty 2007
        74.86.203.0/24  softlayer-dirty 2007
        74.86.224.0/24  softlayer-dirty 2007
        74.86.239.0/24  softlayer-dirty 2007
        75.126.19.0/24  softlayer-dirty 2007
        75.126.69.0/24  softlayer-dirty 2007
        75.126.80.0/24  softlayer-dirty 2007
        208.101.10.0/24 softlayer-dirty feb2008
        208.101.34.0/24 softlayer-dirty 2007
        208.101.36.0/24 softlayer-dirty 2007

---Rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Reply via email to