RE: Suspicious IP reporting

used-for-c-c-and-data-exfiltration/ Could it be that what the OP observed is link to a browser vulnerability started to be exploited recently? Cheers, Jean From: NANOG On Behalf Of Joe Sent: February 5, 2021 9:51 AM To: JoeSox Cc: NANOG Subject: Re: Suspicious IP reporting Much

Re: Suspicious IP reporting

inux, >> ipfw/pf on *BSD, etc. >> >> >> >> Ryan >> >> >> >> *From:* JoeSox >> *Sent:* Thursday, February 4, 2021 5:04 PM >> *To:* r...@rkhtech.org >> *Cc:* TJ Trout ; NANOG >> *Subject:* Re: Suspicious IP reporting

Re: Suspicious IP reporting

f safety and convenience for them, but also charge you a rental fee. >> >> >> >> Stick a Cradlepoint router or something in front of your device, if you want >> an external means of protection. Otherwise you’ll need to enable the Windows >> Firewall if it’s a Windows system

Re: Suspicious IP reporting

oint router or something in front of your device, if you want > an external means of protection. Otherwise you’ll need to enable the Windows > Firewall if it’s a Windows system, or setup iptables on Linux, ipfw/pf on > *BSD, etc. > > > > Ryan > > > > F

Re: Suspicious IP reporting

Stick a Cradlepoint router or something in front of your device, if you >> want an external means of protection. Otherwise you’ll need to enable the >> Windows Firewall if it’s a Windows system, or setup iptables on Linux, >> ipfw/pf on *BSD, etc. >> >> >> >&

Re: Suspicious IP reporting

you’ll need to enable the >> Windows Firewall if it’s a Windows system, or setup iptables on Linux, >> ipfw/pf on *BSD, etc. >> >> >> >> Ryan >> >> >> >> *From:* JoeSox >> *Sent:* Thursday, February 4, 2021 5:04 PM >> *To:* r...@rkht

Re: Suspicious IP reporting

n Linux, > ipfw/pf on *BSD, etc. > > > > Ryan > > > > *From:* JoeSox > *Sent:* Thursday, February 4, 2021 5:04 PM > *To:* r...@rkhtech.org > *Cc:* TJ Trout ; NANOG > *Subject:* Re: Suspicious IP reporting > > > > How do I setup a firewall when I am n

RE: Suspicious IP reporting

on Linux, ipfw/pf on *BSD, etc. Ryan From: JoeSox Sent: Thursday, February 4, 2021 5:04 PM To: r...@rkhtech.org Cc: TJ Trout ; NANOG Subject: Re: Suspicious IP reporting How do I setup a firewall when I am not a Verizon engineer? There is a firewall via the antivirus and operating system

Re: Suspicious IP reporting

specifically, otherwise it is false reporting and > does create more noise at the ISP, and waste more time getting to the > underlying issue. > > > > Ryan > > > > *From:* NANOG *On Behalf Of * > JoeSox > *Sent:* Thursday, February 4, 2021 4:41 PM > *To:* TJ Trout >

RE: Suspicious IP reporting

at the ISP, and waste more time getting to the underlying issue. Ryan From: NANOG On Behalf Of JoeSox Sent: Thursday, February 4, 2021 4:41 PM To: TJ Trout Cc: NANOG Subject: Re: Suspicious IP reporting Do others see this online bully started by Tom? The leader has spoken so the minions

Re: Suspicious IP reporting

Do others see this online bully started by Tom? The leader has spoken so the minions follow :) This list sometimes LOL I think if everyone gets off their high horse, the list communication would be less noisy for the list veterans. -- Thank You, Joe On Thu, Feb 4, 2021 at 4:36 PM TJ Trout

Re: Suspicious IP reporting

This seems like a highly suspect request coming from a North American network operator...? On Thu, Feb 4, 2021 at 10:23 AM JoeSox wrote: > > This IP is hitting devices on cellular networks for the past day or so. > https://www.abuseipdb.com/whois/79.124.62.86 > I think this is the info to

Re: Suspicious IP reporting

nly penalizing yourself by banning him. I would personally > not ban him. > > > > J > > > > *From:* Jean St-Laurent > *Sent:* February 4, 2021 6:28 PM > *To:* 'JoeSox' ; 'Tom Beecher' > *Cc:* 'NANOG' > *Subject:* RE: Suspicious IP reporting > > > &g

RE: Suspicious IP reporting

: February 4, 2021 6:28 PM To: 'JoeSox' ; 'Tom Beecher' Cc: 'NANOG' Subject: RE: Suspicious IP reporting So what? I’ve scanned the internet more than 100’ times on all ports/protocols than you can imagine with zmap and many other shabby tools. I agree with Tom that these absue reports

RE: Suspicious IP reporting

: Suspicious IP reporting Tom, Others are seeing it as I provided the website that shows others are seeing it. https://www.abuseipdb.com/check/79.124.62.86 I think it is pretty poor form to be ignorant. Congrats you have been banned from my gmail account straight to the deleted. On Thu

Re: Suspicious IP reporting

Tom, Others are seeing it as I provided the website that shows others are seeing it. https://www.abuseipdb.com/check/79.124.62.86 I think it is pretty poor form to be ignorant. Congrats you have been banned from my gmail account straight to the deleted. On Thu, Feb 4, 2021 at 1:12 PM Tom

Re: Suspicious IP reporting

I think it's pretty poor form to ask people to report an IP for doing something they are not seeing themselves, and may not even be abuse. What does "hitting devices" mean? Pings? SNMP? This sort of thing contributes to abuse reponses being poor; lots of noise, not much signal. On Thu, Feb 4,

Suspicious IP reporting

This IP is hitting devices on cellular networks for the past day or so. https://www.abuseipdb.com/whois/79.124.62.86 I think this is the info to report it to the ISP. Any help or if everyone can report it, I would be a happy camper. ab...@4cloud.mobi; ab...@fiberinternet.bg