| |
| Author |
Topic Options
|
Posts: 35115
 Posted: Mon Feb 26, 2018 12:17 pm
BartSimpson wrote: Anyone notice a trend on these sites?
.ru <<<<<<< Yup. Just redirect *.ru > 127.0.0.1.
|
Posts: 35115
Posted: Tue Feb 27, 2018 6:56 am
|
Posts: 64791
Posted: Wed Mar 14, 2018 11:21 am
Bad shit hitting from these two IP addresses - block them RIGHT THE F*** NOW!!!
154.118.69.105 – Nigeria
169.159.124.224 – South Africa
|
Posts: 9456
Posted: Wed Mar 14, 2018 6:54 pm
DrCaleb wrote: BartSimpson wrote: Anyone notice a trend on these sites?
.ru <<<<<<< Yup. Just redirect *.ru > 127.0.0.1. NOOOOOOO!!!!! That's MY IP address... 
|
Posts: 64791
Posted: Thu Oct 11, 2018 9:28 am
These IP addresses are RIGHT NOW engaged in brute force attacks against Office 365 accounts and they should be blocked RIGHT NOW!!!!
SourceIPv4: 183.96.170.172
SourceLocation: Seoul, Seoul-t'ukpyolsi, Korea, unknown
SourceIPv4: 121.147.255.197
SourceLocation: Gwangju, Kwangju-jikhalsi, Korea, unknown
SourceIPv4: 119.170.34.30
SourceLocation: Fukuoka, Fukuoka, Japan, 812-0044
SourceIPv4: 119.170.34.30
SourceLocation: Fukuoka, Fukuoka, Japan, 812-0044
SourceIPv4: 221.151.71.196
SourceLocation: Seoul, Seoul-t'ukpyolsi, Korea, unknown
SourceIPv4: 58.232.115.60
SourceLocation: Bupyeong-gu, Inch'on-jikhalsi, Korea, unknown
SourceIPv4: 58.232.115.60
SourceLocation: Bupyeong-gu, Inch'on-jikhalsi, Korea, unknown
SourceIPv4: 184.22.53.211
SourceLocation: Bangkok, Khon Kaen, Thailand, 96546
SourceIPv4: 220.248.209.217
SourceLocation: Nanchang, Jiangxi, China, unknown
|
Posts: 64791
Posted: Thu Oct 11, 2018 9:33 am
More O365 attacks coming from these sources:
185.255.31.122
109.94.182.9
204.101.4.42
109.104.129.190
113.166.92.133
45.65.129.50
177.72.85.59
80.64.174.141
36.80.255.75
200.188.149.132
200.77.186.205
187.85.128.206
177.10.161.77
79.104.44.62
78.30.235.121
75.128.209.158
200.155.56.90
212.46.220.214
200.178.103.83
187.60.253.70
177.126.117.218
65.36.62.211
201.151.139.210
177.72.85.141
213.155.165.203
96.66.200.209
88.199.144.241
84.53.239.248
114.199.112.170
186.237.161.50
151.232.223.88
202.29.225.210
74.116.182.35
178.22.250.245
186.237.129.90
92.62.78.204
83.222.212.37
193.77.64.187
186.249.16.4
177.19.181.10
114.7.2.194
168.90.89.238
85.113.52.219
221.152.185.1
31.173.222.131
202.93.231.118
41.222.58.138
187.162.172.109
1.53.137.84
103.36.11.130
187.44.192.110
90.188.252.215
203.194.234.29
114.4.208.6
31.173.22.161
187.19.127.178
201.150.144.194
185.161.244.66
180.178.104.50
177.74.189.73
210.48.139.228
109.104.130.155
103.19.57.194
170.81.13.250
202.38.180.142
212.56.217.166
170.238.190.50
201.71.155.198
45.225.4.91
118.89.236.185
170.245.200.6
103.26.95.74
69.139.46.60
36.89.41.87
89.29.74.245
85.95.152.96
177.73.47.41
203.83.163.206
170.233.114.168
177.222.202.254
187.102.16.194
45.5.108.1
46.97.207.62
109.87.44.156
109.75.46.81
170.82.180.13
213.163.113.133
103.253.3.18
177.128.199.70
177.55.128.138
119.42.152.181
177.91.75.45
185.164.252.136
187.84.146.178
177.130.96.202
177.234.178.107
187.58.241.227
93.87.83.30
185.30.43.119
177.72.82.93
103.194.173.201
103.59.200.58
201.20.79.154
191.191.211.101
177.200.80.190
170.233.114.9
91.80.141.79
86.49.144.14
144.52.219.31
113.160.247.180
77.72.127.246
140.250.215.236
140.250.246.44
144.52.234.216
50.115.200.252
182.46.234.134
144.52.235.8
98.124.121.102
103.206.168.130
182.42.252.241
177.107.50.18
185.36.172.90
177.129.125.17
200.111.130.69
181.167.3.113
177.182.33.211
213.216.73.44
210.245.51.2
186.235.84.238
177.8.247.14
45.234.208.6
169.239.171.66
91.214.130.237
113.53.244.14
194.190.59.71
177.136.121.34
175.100.36.82
189.69.242.227
190.103.29.38
200.108.229.88
177.154.164.29
31.148.90.220
218.106.167.102
177.72.73.160
84.10.50.130
187.45.147.213
85.14.121.66
31.13.17.211
181.55.149.31
168.90.145.50
41.203.255.130
178.213.128.8
92.245.103.10
216.221.82.166
191.6.132.126
186.225.148.34
194.186.246.22
222.133.16.134
43.243.143.42
194.226.170.210
200.10.132.8
213.33.236.118
212.154.62.240
168.194.76.198
181.52.244.72
189.51.105.116
177.154.164.35
80.91.83.237
103.70.145.93
177.74.128.150
97.90.90.112
185.237.80.230
201.34.74.10
168.181.109.21
190.149.56.74
68.66.162.154
77.48.21.70
191.5.179.6
109.86.227.192
82.139.146.190
109.175.29.7
216.183.62.70
196.29.228.162
210.16.84.182
89.212.1.87
177.38.182.110
62.97.194.130
177.84.143.9
177.73.168.241
69.85.71.216
119.235.50.5
45.238.253.26
71.9.0.33
187.44.166.86
92.245.114.134
83.234.26.50
64.33.237.158
177.221.202.94
109.61.24.10
117.121.229.174
190.186.59.22
115.78.13.27
185.140.232.187
176.98.131.67
193.32.73.44
82.142.87.2
212.107.232.101
98.175.135.108
45.71.131.23
109.195.18.122
187.111.194.53
119.63.130.62
177.101.55.94
187.73.110.229
203.128.74.116
181.193.68.154
186.251.103.81
45.225.6.56
178.208.254.191
81.27.88.27
210.184.172.196
189.113.31.2
31.173.68.6
81.170.250.118
201.148.100.197
195.239.106.106
201.159.112.70
185.30.42.29
213.254.25.203
76.80.132.78
122.200.144.114
37.205.72.196
213.217.58.142
103.89.62.94
85.30.205.28
66.191.71.54
177.200.72.242
187.54.225.148
87.103.204.97
85.15.43.48
91.102.229.253
177.72.80.134
83.238.48.190
177.66.167.5
212.70.159.219
185.46.110.134
187.4.112.242
138.219.111.199
186.248.104.78
64.253.35.41
103.225.221.107
170.81.13.104
46.232.207.195
85.132.3.78
101.81.97.171
177.43.79.155
31.185.3.126
87.121.77.67
86.107.192.59
109.104.130.50
177.23.162.2
186.237.181.38
105.234.155.161
66.202.181.122
43.252.236.198
213.242.213.29
177.200.70.13
94.112.254.78
168.227.190.2
181.47.250.66
180.128.0.244
221.156.148.97
45.4.58.154
203.190.113.205
197.245.254.21
190.52.199.131
185.30.43.113
178.140.36.137
200.162.162.70
82.112.184.202
177.154.163.94
200.5.32.35
181.48.125.198
200.47.33.100
200.77.186.201
177.0.57.204
177.8.175.11
50.243.254.25
36.66.232.96
80.89.137.210
177.200.44.126
192.161.70.254
168.90.172.130
213.33.221.182
189.62.221.233
177.70.165.2
185.101.236.217
92.50.59.35
177.52.72.253
195.209.48.50
170.254.141.110
94.75.120.22
216.6.204.67
91.185.236.239
176.110.125.233
109.104.133.170
109.122.78.95
200.77.186.180
177.128.120.174
103.26.215.50
61.132.233.195
178.173.144.88
149.6.4.198
200.5.32.196
187.94.252.30
213.240.249.114
81.211.74.186
24.240.150.194
71.42.49.250
109.167.102.9
209.112.226.4
213.231.1.146
80.232.222.135
41.160.237.202
115.248.150.81
46.225.123.23
91.224.184.14
188.191.28.113
162.216.206.94
203.177.132.246
202.84.32.74
217.17.111.107
91.98.22.132
185.135.172.30
91.187.97.235
168.181.232.253
190.113.147.29
177.223.54.50
80.90.89.225
177.75.69.142
46.40.7.130
85.202.11.27
185.195.129.244
170.245.228.1
103.77.188.2
187.120.240.246
41.180.1.182
91.108.141.206
77.89.200.74
31.46.228.23
45.4.254.30
79.140.24.48
78.108.245.211
196.250.225.94
88.220.191.199
78.158.174.131
89.46.238.133
80.254.216.42
37.131.172.173
103.69.20.120
103.10.58.21
95.138.228.28
118.97.171.52
177.73.8.22
179.108.53.226
82.147.105.182
47.35.216.134
200.186.63.26
122.102.29.97
103.36.8.185
113.11.110.40
177.154.170.118
31.185.100.74
113.177.27.217
41.57.105.147
182.160.125.51
201.150.48.214
202.93.230.58
177.11.244.42
168.181.196.28
78.9.24.2
202.160.162.2
80.123.255.86
111.91.76.54
177.128.216.110
170.79.190.94
114.34.48.147
181.60.199.50
177.152.52.14
|
Posts: 35115
Posted: Mon Mar 04, 2019 11:41 am
Just got an email: Quote: To reduce malicious and unwanted network traffic into the GoA network, Service Alberta will be configuring the [IPS] to only allow inbound traffic for web ports 443(HTTPS) and 80(HTTP), network port 53(DNS), and email port 25(SMTP). This change applies to all countries except USA and Canada which are allowed on existing open ports. This change will take place on Thursday March 7, 2019 at 11:00 p.m. MT.
Similar changes to block inbound traffic for China, May 2018 and Russia, June 2018 were previously implemented successfully without any reported incidents.
|
Posts: 64791
Posted: Mon Mar 04, 2019 12:03 pm
Wow!!! Good on Canada!!! 
|
Posts: 35115
Posted: Mon Mar 04, 2019 12:27 pm
Not all 'Canada'.  Just the Government of Alberta. Let me tell you, we saw a huge reduction in our logs with addresses trying to penetrate our network when we denied all inbound connections from Russia and especially China. Like, a 96% reduction.
|
Posts: 64791
Posted: Mon Mar 04, 2019 12:56 pm
Yup. I'm currently denying access to fifteen countries. Management did not want this done so I went ahead and did it anyway and no one noticed.
|
Posts: 64791
Posted: Wed Mar 20, 2019 10:12 am
Just had China's cyberwarfare unit try to run a PHP uri tag injection against one of our websites.
The plicks had the balls to attack us from one of their known IP addresses in Shanghai instead of going through a VPN or a TOR node.
It's like they wanted us to know it's them.
123.129.224.83
IP range 123.129.223.0-123.129.230.255
|
Posts: 35115
Posted: Wed Mar 20, 2019 10:21 am
China who? ![[huh]](./images/smilies/icon_scratch.gif "huh?")
|
Posts: 64791
Posted: Wed Mar 20, 2019 10:39 am
The PLA Unit 61398 are now hitting us with the same stupid attack but from 60.215.26.68
IP range 60.215.8.4-60.215.109.63
|
Posts: 35115
Posted: Wed Mar 20, 2019 10:40 am
Not even trying to hide it? That's odd.
Unless it's a distraction for what they are actually up to.
|
 
|
Page 5 of 5
|
[ 74 posts ] |
Who is online |
Users browsing this forum: No registered users and 1 guest |
|
|
CKA Moderator 
CKA Moderator 
CKA Super Elite 
