[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Avast / Privax abuse contact

Subject: Avast / Privax abuse contact
From: jbarrett at calltower.com (Jack Barrett)
Date: Wed, 1 Aug 2018 22:34:16 +0000
In-reply-to: <CAM3TTh1c+_LB+YqdiSi+rf_b3-kuRFjTJgg4ZmcJNWsZ6C7F2A@mail.gmail.com>
References: <CAHdm834SnUgtZXDXB839wnGFTULUs7ZPE1t0M-w9Qtai0fxg_A@mail.gmail.com> <CAM3TTh1c+_LB+YqdiSi+rf_b3-kuRFjTJgg4ZmcJNWsZ6C7F2A@mail.gmail.com>

I agree.  Complaints are rarely acknowledged and never promptly.  We simply use a combination of Fail2Ban and remote trigger black hole filtering to drop the inbound traffic from probing IPs at our borders.

-----Original Message-----
From: NANOG <nanog-bounces at nanog.org> On Behalf Of Dovid Bender
Sent: Wednesday, August 1, 2018 3:09 PM
To: Matt Harris <matt at netfire.net>
Cc: North American Network Operators' Group <nanog at nanog.org>
Subject: Re: Avast / Privax abuse contact

Matt,

Rarely do we ever get a response when we file complaints for SIP traffic.
We simply use Kamilio and where have known bad UA's we just drop the packets and ban the IP's (using Fail2Ban), it will save you a lot of grief.
It's like trying to go after every get request to phpMyAdmin.

On Wed, Aug 1, 2018 at 1:11 PM, Matt Harris <matt at netfire.net> wrote:

> Anybody know anyone at or anything about Privax or Avast?  AS 198605 
> is announcing the problem networks.
>
> Getting a ton of SIP brute force attacks from their space, and emails 
> with addresses/timestamps to the abuse contacts listed at RIRs/etc 
> have not yieled any responses.  Attacks still coming.
>
> Thanks!
>

References:
- Avast / Privax abuse contact
  - From: matt at netfire.net (Matt Harris)
- Avast / Privax abuse contact
  - From: dovid at telecurve.com (Dovid Bender)

Prev by Date: Avast / Privax abuse contact
Next by Date: SAFNOG-4/EANOG/tzNOG Registration Now Open!
Previous by thread: Avast / Privax abuse contact
Next by thread: Avast / Privax abuse contact
Index(es):
- Date
- Thread