I am getting a really big bunch of spam from 84.153.xx.xx
I contacted abuse department at Deutsche Telekom but they haven't done anything to solve the situation.
Am I the only one getting spam from them?
uneedawebsite
May 16 2005, 11:51 AM
No, but I am getting 100s of messages in German from 24.205.233.130 and have blocked them in the firewall.
imcomguy
May 16 2005, 02:31 PM
What subnet are you guys on? I'm on 66.98.178.xx here, with the same crap recently.
Just curious who they're farming for addresses.
uneedawebsite
May 16 2005, 02:37 PM
67.15.16.xx here.
eMtnMan
May 16 2005, 02:41 PM
QUOTE (unwaw)
I am getting a really big bunch of spam from 84.153.xx.xx
I use Advanced Policy Firewall (APF) with Brute Force Detection (BFD) ... eth00 has some nice config notes for APF... APF HowTo is also available...
How it works... BFD (cron job) scans the logs at a set interval, in my case every ten minutes. If it sees more than ten (you set this threshold) "Sender verify failed" errors in the log from any IP, that IP is automatically denied further access to the server (blacklisted) by the firewall and BFD sends you a message to let you know. Works like a charm! It does the same for script kiddies doing brute force password hacks on your ssh account. Of course, if you have any catchall accounts, you are SOL...
Have fun,
Paul [eMtnMan]
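The counting rule described in the post above (more than ten sender-verify failures from one IP within a ten-minute scan interval), as an added example that is not part of the original post and is not BFD's own code. The log line layout, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Assumed Exim-style line: "YYYY-MM-DD HH:MM:SS H=(helo) [ip] sender verify fail ..."
LINE_RE = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) .*?\[(\d{1,3}(?:\.\d{1,3}){3})\].*"
    r"sender verify fail", re.IGNORECASE)

def offenders(lines, now, window=timedelta(minutes=10), threshold=10, allow=()):
    """Return {ip: count} for IPs with MORE than `threshold` failures in the window."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                      # other log noise, or a different error
        stamp = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        if not (now - window < stamp <= now):
            continue                      # outside the current scan interval
        if m.group(2) in allow:
            continue                      # never block your own relays
        counts[m.group(2)] += 1
    return {ip: n for ip, n in counts.items() if n > threshold}

def build_sample():
    """Constructed log lines using documentation IP ranges."""
    t0 = datetime(2005, 5, 16, 11, 40, 0)
    fail = "{:%Y-%m-%d %H:%M:%S} H=(mx.example) [{}] sender verify fail for <a@example.org>"
    lines = [fail.format(t0 + timedelta(seconds=30 * i), "192.0.2.10") for i in range(12)]
    # Exactly at the threshold: ten failures is not "more than ten"
    lines += [fail.format(t0 + timedelta(seconds=30 * i), "198.51.100.7") for i in range(10)]
    # Old burst, outside the ten-minute window
    lines += [fail.format(t0 - timedelta(hours=1, seconds=i), "203.0.113.5") for i in range(20)]
    # Unrelated line from the noisy host; must not be counted
    lines.append("2005-05-16 11:41:00 H=(mx.example) [192.0.2.10] rejected RCPT <b@example.org>")
    return lines, t0 + timedelta(minutes=8)

if __name__ == "__main__":
    log, now = build_sample()
    for ip, n in sorted(offenders(log, now).items()):
        print(f"{ip} {n} failures -> hand to firewall deny list")
```

The `allow` tuple is there because a threshold rule like this will also catch a legitimate relay or your own monitoring host if it trips the same error often enough.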
dogslife
May 17 2005, 04:14 PM
Thanks for the suggestion eMtnMan. I've never needed it before, but this new assault seems to be relentless, and adding BFD to my existing APF did the trick.