North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Bad Dog, no biscuit, Interland

  • From: John M. Brown
  • Date: Fri Sep 06 11:48:58 2002

So after four different phone calls to Interland, and four 
different hangups by the techs and a refusal to do anything

Interland, your client is being bad. 

Five minute rate was very high

Folks need to take security and abuse issues seriously.  The time has come
for operators to have responsive staff, and to use technology to thwart
known bad things. 

Folks look at DOS/DDOS/IDS tools to check ingress traffic, lets also use them
to check EGRESS as well..  


Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3753 xx.yy.36.94:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3755 xx.yy.36.96:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3756 xx.yy.36.97:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3760 xx.yy.36.101:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3762 xx.yy.36.103:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3764 xx.yy.36.105:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3766 xx.yy.36.107:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3765 xx.yy.36.106:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3719 xx.yy.36.60:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3721 xx.yy.36.62:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3722 xx.yy.36.63:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3725 xx.yy.36.66:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3727 xx.yy.36.68:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3730 xx.yy.36.71:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3736 xx.yy.36.77:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3738 xx.yy.36.79:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3739 xx.yy.36.80:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3741 xx.yy.36.82:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3743 xx.yy.36.84:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3744 xx.yy.36.85:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3746 xx.yy.36.87:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3748 xx.yy.36.89:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3752 xx.yy.36.93:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3754 xx.yy.36.95:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3757 xx.yy.36.98:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3758 xx.yy.36.99:80 in via sis0
Sep  6 09:04:40 sentinel /kernel: ipfw: 2100 Deny TCP 64.19.151.228:3759 xx.yy.36.100:80 in via sis0