On Thu, 9 Nov 2000 11:04:28 +0100 Jan Muenther <jan_at_RADIO.HUNDERT6.DE>
wrote:
> Hi,
>
> > <aol>Me too</aol>. I have seen repeated DNS over TCP, ftp and other
> > scans from dip.t-dialin.net addresses. Complaints to abuse_at_t-ipnet.de
> > get zero response. In the end I just blocked 212.185.223.0/24.
>
> You should try and send your complaints to abuse_at_t-online.de.
> These guys generally do a good job, if you provide accurate logs.
> Might be more "responsive" if you talk to them in German, which I
> am willing to do in case you want me to.
I have also seen a lot of activity from this block -- latest is a ftp
scan of our entire /16 yesterday. I have always had automated
response followed by personal followup to my complaints to
abuse_at_t-online.de. In my complaints I alway supply accurate times (GPS
sync'ed) and actual log records. I suspect many ISP simply black hole
any report that does not have both.
That said we do see a lot of activity from this block so I do wonder
how effective their enforcemnet is.
Russell.
Received on Nov 13 2000
Intro
