|
Author |
Topic Options
|
Posts: 33963
Posted: Mon Feb 26, 2018 12:17 pm
BartSimpson wrote: Anyone notice a trend on these sites?
.ru <<<<<<< Yup. Just redirect *.ru > 127.0.0.1.
|
Posts: 33963
Posted: Tue Feb 27, 2018 6:56 am
|
Posts: 63926
Posted: Wed Mar 14, 2018 11:21 am
Bad shit hitting from these two IP addresses - block them RIGHT THE F*** NOW!!!
154.118.69.105 – Nigeria 169.159.124.224 – South Africa
|
Posts: 9046
Posted: Wed Mar 14, 2018 6:54 pm
DrCaleb wrote: BartSimpson wrote: Anyone notice a trend on these sites?
.ru <<<<<<< Yup. Just redirect *.ru > 127.0.0.1. NOOOOOOO!!!!! That's MY IP address... 
|
Posts: 63926
Posted: Thu Oct 11, 2018 9:28 am
These IP addresses are RIGHT NOW engaged in brute force attacks against Office 365 accounts and they should be blocked RIGHT NOW!!!!
SourceIPv4: 183.96.170.172 SourceLocation: Seoul, Seoul-t'ukpyolsi, Korea, unknown SourceIPv4: 121.147.255.197 SourceLocation: Gwangju, Kwangju-jikhalsi, Korea, unknown SourceIPv4: 119.170.34.30 SourceLocation: Fukuoka, Fukuoka, Japan, 812-0044 SourceIPv4: 119.170.34.30 SourceLocation: Fukuoka, Fukuoka, Japan, 812-0044 SourceIPv4: 221.151.71.196 SourceLocation: Seoul, Seoul-t'ukpyolsi, Korea, unknown SourceIPv4: 58.232.115.60 SourceLocation: Bupyeong-gu, Inch'on-jikhalsi, Korea, unknown SourceIPv4: 58.232.115.60 SourceLocation: Bupyeong-gu, Inch'on-jikhalsi, Korea, unknown SourceIPv4: 184.22.53.211 SourceLocation: Bangkok, Khon Kaen, Thailand, 96546 SourceIPv4: 220.248.209.217 SourceLocation: Nanchang, Jiangxi, China, unknown
|
Posts: 63926
Posted: Thu Oct 11, 2018 9:33 am
More O365 attacks coming from these sources:
185.255.31.122 109.94.182.9 204.101.4.42 109.104.129.190 113.166.92.133 45.65.129.50 177.72.85.59 80.64.174.141 36.80.255.75 200.188.149.132 200.77.186.205 187.85.128.206 177.10.161.77 79.104.44.62 78.30.235.121 75.128.209.158 200.155.56.90 212.46.220.214 200.178.103.83 187.60.253.70 177.126.117.218 65.36.62.211 201.151.139.210 177.72.85.141 213.155.165.203 96.66.200.209 88.199.144.241 84.53.239.248 114.199.112.170 186.237.161.50 151.232.223.88 202.29.225.210 74.116.182.35 178.22.250.245 186.237.129.90 92.62.78.204 83.222.212.37 193.77.64.187 186.249.16.4 177.19.181.10 114.7.2.194 168.90.89.238 85.113.52.219 221.152.185.1 31.173.222.131 202.93.231.118 41.222.58.138 187.162.172.109 1.53.137.84 103.36.11.130 187.44.192.110 90.188.252.215 203.194.234.29 114.4.208.6 31.173.22.161 187.19.127.178 201.150.144.194 185.161.244.66 180.178.104.50 177.74.189.73 210.48.139.228 109.104.130.155 103.19.57.194 170.81.13.250 202.38.180.142 212.56.217.166 170.238.190.50 201.71.155.198 45.225.4.91 118.89.236.185 170.245.200.6 103.26.95.74 69.139.46.60 36.89.41.87 89.29.74.245 85.95.152.96 177.73.47.41 203.83.163.206 170.233.114.168 177.222.202.254 187.102.16.194 45.5.108.1 46.97.207.62 109.87.44.156 109.75.46.81 170.82.180.13 213.163.113.133 103.253.3.18 177.128.199.70 177.55.128.138 119.42.152.181 177.91.75.45 185.164.252.136 187.84.146.178 177.130.96.202 177.234.178.107 187.58.241.227 93.87.83.30 185.30.43.119 177.72.82.93 103.194.173.201 103.59.200.58 201.20.79.154 191.191.211.101 177.200.80.190 170.233.114.9 91.80.141.79 86.49.144.14 144.52.219.31 113.160.247.180 77.72.127.246 140.250.215.236 140.250.246.44 144.52.234.216 50.115.200.252 182.46.234.134 144.52.235.8 98.124.121.102 103.206.168.130 182.42.252.241 177.107.50.18 185.36.172.90 177.129.125.17 200.111.130.69 181.167.3.113 177.182.33.211 213.216.73.44 210.245.51.2 186.235.84.238 177.8.247.14 45.234.208.6 169.239.171.66 91.214.130.237 113.53.244.14 194.190.59.71 177.136.121.34 175.100.36.82 189.69.242.227 190.103.29.38 200.108.229.88 177.154.164.29 31.148.90.220 218.106.167.102 177.72.73.160 84.10.50.130 187.45.147.213 85.14.121.66 31.13.17.211 181.55.149.31 168.90.145.50 41.203.255.130 178.213.128.8 92.245.103.10 216.221.82.166 191.6.132.126 186.225.148.34 194.186.246.22 222.133.16.134 43.243.143.42 194.226.170.210 200.10.132.8 213.33.236.118 212.154.62.240 168.194.76.198 181.52.244.72 189.51.105.116 177.154.164.35 80.91.83.237 103.70.145.93 177.74.128.150 97.90.90.112 185.237.80.230 201.34.74.10 168.181.109.21 190.149.56.74 68.66.162.154 77.48.21.70 191.5.179.6 109.86.227.192 82.139.146.190 109.175.29.7 216.183.62.70 196.29.228.162 210.16.84.182 89.212.1.87 177.38.182.110 62.97.194.130 177.84.143.9 177.73.168.241 69.85.71.216 119.235.50.5 45.238.253.26 71.9.0.33 187.44.166.86 92.245.114.134 83.234.26.50 64.33.237.158 177.221.202.94 109.61.24.10 117.121.229.174 190.186.59.22 115.78.13.27 185.140.232.187 176.98.131.67 193.32.73.44 82.142.87.2 212.107.232.101 98.175.135.108 45.71.131.23 109.195.18.122 187.111.194.53 119.63.130.62 177.101.55.94 187.73.110.229 203.128.74.116 181.193.68.154 186.251.103.81 45.225.6.56 178.208.254.191 81.27.88.27 210.184.172.196 189.113.31.2 31.173.68.6 81.170.250.118 201.148.100.197 195.239.106.106 201.159.112.70 185.30.42.29 213.254.25.203 76.80.132.78 122.200.144.114 37.205.72.196 213.217.58.142 103.89.62.94 85.30.205.28 66.191.71.54 177.200.72.242 187.54.225.148 87.103.204.97 85.15.43.48 91.102.229.253 177.72.80.134 83.238.48.190 177.66.167.5 212.70.159.219 185.46.110.134 187.4.112.242 138.219.111.199 186.248.104.78 64.253.35.41 103.225.221.107 170.81.13.104 46.232.207.195 85.132.3.78 101.81.97.171 177.43.79.155 31.185.3.126 87.121.77.67 86.107.192.59 109.104.130.50 177.23.162.2 186.237.181.38 105.234.155.161 66.202.181.122 43.252.236.198 213.242.213.29 177.200.70.13 94.112.254.78 168.227.190.2 181.47.250.66 180.128.0.244 221.156.148.97 45.4.58.154 203.190.113.205 197.245.254.21 190.52.199.131 185.30.43.113 178.140.36.137 200.162.162.70 82.112.184.202 177.154.163.94 200.5.32.35 181.48.125.198 200.47.33.100 200.77.186.201 177.0.57.204 177.8.175.11 50.243.254.25 36.66.232.96 80.89.137.210 177.200.44.126 192.161.70.254 168.90.172.130 213.33.221.182 189.62.221.233 177.70.165.2 185.101.236.217 92.50.59.35 177.52.72.253 195.209.48.50 170.254.141.110 94.75.120.22 216.6.204.67 91.185.236.239 176.110.125.233 109.104.133.170 109.122.78.95 200.77.186.180 177.128.120.174 103.26.215.50 61.132.233.195 178.173.144.88 149.6.4.198 200.5.32.196 187.94.252.30 213.240.249.114 81.211.74.186 24.240.150.194 71.42.49.250 109.167.102.9 209.112.226.4 213.231.1.146 80.232.222.135 41.160.237.202 115.248.150.81 46.225.123.23 91.224.184.14 188.191.28.113 162.216.206.94 203.177.132.246 202.84.32.74 217.17.111.107 91.98.22.132 185.135.172.30 91.187.97.235 168.181.232.253 190.113.147.29 177.223.54.50 80.90.89.225 177.75.69.142 46.40.7.130 85.202.11.27 185.195.129.244 170.245.228.1 103.77.188.2 187.120.240.246 41.180.1.182 91.108.141.206 77.89.200.74 31.46.228.23 45.4.254.30 79.140.24.48 78.108.245.211 196.250.225.94 88.220.191.199 78.158.174.131 89.46.238.133 80.254.216.42 37.131.172.173 103.69.20.120 103.10.58.21 95.138.228.28 118.97.171.52 177.73.8.22 179.108.53.226 82.147.105.182 47.35.216.134 200.186.63.26 122.102.29.97 103.36.8.185 113.11.110.40 177.154.170.118 31.185.100.74 113.177.27.217 41.57.105.147 182.160.125.51 201.150.48.214 202.93.230.58 177.11.244.42 168.181.196.28 78.9.24.2 202.160.162.2 80.123.255.86 111.91.76.54 177.128.216.110 170.79.190.94 114.34.48.147 181.60.199.50 177.152.52.14
|
Posts: 33963
Posted: Mon Mar 04, 2019 11:41 am
Just got an email: Quote: To reduce malicious and unwanted network traffic into the GoA network, Service Alberta will be configuring the [IPS] to only allow inbound traffic for web ports 443(HTTPS) and 80(HTTP), network port 53(DNS), and email port 25(SMTP). This change applies to all countries except USA and Canada which are allowed on existing open ports. This change will take place on Thursday March 7, 2019 at 11:00 p.m. MT.
Similar changes to block inbound traffic for China, May 2018 and Russia, June 2018 were previously implemented successfully without any reported incidents.

|
Posts: 63926
Posted: Mon Mar 04, 2019 12:03 pm
Wow!!! Good on Canada!!! 
|
Posts: 33963
Posted: Mon Mar 04, 2019 12:27 pm
Not all 'Canada'.  Just the Government of Alberta. Let me tell you, we saw a huge reduction in our logs with addresses trying to penetrate our network when we denied all inbound connections from Russia and especially China. Like, a 96% reduction.
|
Posts: 63926
Posted: Mon Mar 04, 2019 12:56 pm
Yup. I'm currently denying access to fifteen countries. Management did not want this done so I went ahead and did it anyway and no one noticed. 
|
Posts: 63926
Posted: Wed Mar 20, 2019 10:12 am
Just had China's cyberwarfare unit try to run a PHP uri tag injection against one of our websites.
The plicks had the balls to attack us from one of their known IP addresses in Shanghai instead of going through a VPN or a TOR node.
It's like they wanted us to know it's them.
123.129.224.83
IP range 123.129.223.0-123.129.230.255
|
Posts: 33963
Posted: Wed Mar 20, 2019 10:21 am
China who? ![huh? [huh]](./images/smilies/icon_scratch.gif) 
|
Posts: 63926
Posted: Wed Mar 20, 2019 10:39 am
The PLA Unit 61398 are now hitting us with the same stupid attack but from 60.215.26.68
IP range 60.215.8.4-60.215.109.63
|
Posts: 33963
Posted: Wed Mar 20, 2019 10:40 am
Not even trying to hide it? That's odd.
Unless it's a distraction for what they are actually up to.
|
|
Page 5 of 5
|
[ 74 posts ] |
Who is online |
Users browsing this forum: No registered users and 2 guests |
|
|