DDoS Attack and Portscans by P2P and Servers
For IP Filter dat:
http://whois.domaintools.com/90.25.73.81 (repeated log entries)
http://whois.domaintools.com/72.79.135.50
http://whois.domaintools.com/92.112.10.247 (92.0.0.0/8) (repeated)
http://whois.domaintools.com/124.13.82.125 (repeated log entries)
http://whois.domaintools.com/72.79.138.185 (72.64.0.0/11) (repeated)
http://whois.domaintools.com/72.79.142.186 (repeated)
http://whois.domaintools.com/92.112.5.46
http://whois.domaintools.com/72.79.128.12 (repeated)
http://whois.domaintools.com/60.54.9.133 (repeated)
http://whois.domaintools.com/122.116.116.34
http://whois.domaintools.com/116.15.80.136 (repeated)
http://whois.domaintools.com/84.75.67.250
http://whois.domaintools.com/172.214.18.253 (CIDR: 172.192.0.0/12, 172.208.0.0/13, 172.216.0.0/16) (repeated)
http://whois.domaintools.com/87.175.255.184 (repeated)
*repeated means aggressive attacks (logs shown always this IP)
Be aware from the above IP's! rep to Blocklist filter services (http://www.bluetack.co.uk/forums/index.php blacklist)
http://whois.domaintools.com/90.25.73.81 (repeated log entries)
http://whois.domaintools.com/72.79.135.50
http://whois.domaintools.com/92.112.10.247 (92.0.0.0/8) (repeated)
http://whois.domaintools.com/124.13.82.125 (repeated log entries)
http://whois.domaintools.com/72.79.138.185 (72.64.0.0/11) (repeated)
http://whois.domaintools.com/72.79.142.186 (repeated)
http://whois.domaintools.com/92.112.5.46
http://whois.domaintools.com/72.79.128.12 (repeated)
http://whois.domaintools.com/60.54.9.133 (repeated)
http://whois.domaintools.com/122.116.116.34
http://whois.domaintools.com/116.15.80.136 (repeated)
http://whois.domaintools.com/84.75.67.250
http://whois.domaintools.com/172.214.18.253 (CIDR: 172.192.0.0/12, 172.208.0.0/13, 172.216.0.0/16) (repeated)
http://whois.domaintools.com/87.175.255.184 (repeated)
*repeated means aggressive attacks (logs shown always this IP)
Be aware from the above IP's! rep to Blocklist filter services (http://www.bluetack.co.uk/forums/index.php blacklist)
3 comments:
Who would do such a thing and why I wouldn't know. Did you find out where they are coming form or do they ping different ips or use there own for DDOS?
nop they don't ping on different ip's. To post the log the blog is to small. These IP's attack more than xh long ever timestamps repeat quick. Just seen they are already many days active in log. We have done a drop 'no answer' in apf.
Maybe it sound little bit paranoid but they come as soon new releases get seeded at once.
on a webseed
Post a Comment
We would appreciate if you as readers of our blog, show us some feedback by signing up to this site with Friend Connect.
This will encourage us to publish updates in the future.