Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: InfoSec Handlers Diary Blog - The most hated IP address of 2005 ? InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

The most hated IP address of 2005 ?

Published: 2005-12-28
Last Updated: 2005-12-28 16:21:42 UTC
by Daniel Wesemann (Version: 1)
0 comment(s)
Time for a little hall of shame. Is there any IP address range or individual IP address that was annoying the daylight out of you in 2005?  An address where you tried and tried to contact the ISP to have a malware, botnet controller, exploit page removed, but to no avail? Where exploits kept coming back again and again ?  Let us know, and we might share your story.  For starters, here is mine:

Most Hated Netblock:195.225.176.x - 195.225.177.x  (AS31159)
Provider: Netcathost, Kiev, Ukraine
Reason for claim to fame: Hosting exploits, browser hijackers and CoolWebSearch related annoyances since several months. Ignoring, bouncing, or rejecting any complaints to the abuse contacts.

Update: beehappyy.biz is being implicated in the currently ongoing WMF 0-day exploit mania. And guess what beehappyy.biz resolves to ? 195.225.176.38 - my favorite netblock again. Null-Routing, anyone?
Keywords:
0 comment(s)
Diary Archives