Re: 92.51.2.78/24 (AS209588) from Russia with love ... for SQL injection attempts

Liste des GroupesRevenir à nan email 
Sujet : Re: 92.51.2.78/24 (AS209588) from Russia with love ... for SQL injection attempts
De : noc (at) *nospam* inter-corporate.com (Randolf Richardson 張文道)
Groupes : news.admin.net-abuse.email
Date : 12. Jul 2024, 19:00:34
Autres entêtes
Organisation : Inter-Corporate Computer & Network Services, Inc. -- Simplifying complexity
Message-ID : <20240712110034.b52c22619e2879ae6d5b8729@inter-corporate.com>
References : 1 2
User-Agent : Sylpheed 3.7.0 (GTK+ 2.24.33; x86_64-pc-linux-gnu)
On Fri, 12 Jul 2024 09:53:10 +0200
Marco Moock <mm+usenet-es@dorfdsl.de> wrote:
On 11.07.2024 um 11:04 Uhr Randolf Richardson 張文道 wrote:
 
I'm wondering, has anyone encountered attacks from
any other IP addresses in this /24?  I'm not finding
anything aside from 95.51.2.78 in our logs.
 
I assume this is just a hacked machine that is being part of a botnet.
It isn't even listed on uceprotect, spamhaus nor blocklist, so the
amount of attacks to a wide range of addresses isn't that much.

This fits with what I suspected.  Thanks for taking a
look into it.

fail2ban should handle that.

Indeed. :)

--
Randolf Richardson 張文道, CNA - noc@inter-corporate.com
Inter-Corporate Computer & Network Services, Inc.
Beautiful British Columbia, Canada
https://www.inter-corporate.com/

Date Sujet#  Auteur
11 Jul 24 * 92.51.2.78/24 (AS209588) from Russia with love ... for SQL injection attempts7Randolf Richardson 張文道
12 Jul 24 +* Re: 92.51.2.78/24 (AS209588) from Russia with love ... for SQL injection attempts4tjoen
12 Jul 24 i+* Re: 92.51.2.78/24 (AS209588) from Russia with love ... for SQL injection attempts2Sirius
12 Jul 24 ii`- Re: 92.51.2.78/24 (AS209588) from Russia with love ... for SQL injection attempts1D
12 Jul 24 i`- Re: 92.51.2.78/24 (AS209588) from Russia with love ... for SQL injection attempts1Marco Moock
12 Jul 24 `* Re: 92.51.2.78/24 (AS209588) from Russia with love ... for SQL injection attempts2Marco Moock
12 Jul 24  `- Re: 92.51.2.78/24 (AS209588) from Russia with love ... for SQL injection attempts1Randolf Richardson 張文道

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal