nanog mailing list archives
Re: A plea to ignore abuse reports from "watchdogcyberdefense.com"
From: Calvin Judy via NANOG <nanog () nanog org>
Date: Tue, 05 Nov 2024 11:21:53 -0500
Hetzner's automated abuse system is just as terrible. I did a write up on it a couple years ago, when it was being sold as a DoS method on certain nefarious forums, the malicious actor repeatedly spoofs your IP/ranges toward Hetzner ranges, generating abuse reports to your ISP, until your ISP nullroutes/suspends. We immediately bin anything that hits our abuse mailbox from Hetzner since then, because it got to the point that daily we were receiving obviously spoofed logs of UDP traffic. I tried to climb the ladder of bureaucracy at Hetzner, the highest point I was able to reach was a "senior network engineer," who told me to disable spoofing on my network, but could not comprehend that disabling spoofing on my network does not prevent other networks from spoofing our IPs.
Current thread:
- A plea to ignore abuse reports from "watchdogcyberdefense.com" Pierre Bourdon (Nov 05)
- Re: A plea to ignore abuse reports from "watchdogcyberdefense.com" Matt Corallo (Nov 05)
- Re: A plea to ignore abuse reports from "watchdogcyberdefense.com" Calvin Judy via NANOG (Nov 05)
- Re: A plea to ignore abuse reports from "watchdogcyberdefense.com" Mike Lewinski via NANOG (Nov 05)
- Re: A plea to ignore abuse reports from "watchdogcyberdefense.com" Warren Kumari (Nov 06)
- Re: A plea to ignore abuse reports from "watchdogcyberdefense.com" joel (Nov 06)
- Re: A plea to ignore abuse reports from "watchdogcyberdefense.com" Glen A. Pearce (Nov 06)
- Re: A plea to ignore abuse reports from "watchdogcyberdefense.com" Warren Kumari (Nov 06)