[たつきち]

since 2001.4.29
[]

年中無休不定休 00:00-24:00
[おしながき]
お飲みもの 日本酒を各種取り揃えております
コース料理 MacOS X, unix 等の美しく確かな技をご堪能下さい
季節料理 PIC, H8 等のご紹介
おつまみ 毒のあるつまみのようです
たつきちのご紹介 駐車場はございませんので散歩がてらご来店下さい
ご予約・お問い合わせは info3@tatsukichi.gr.jp まで
(このメールアドレスへの特定電子メールの送信を拒否します)

たつきち小路でひとときのお安らぎを
[たつきち小路]
はむすたあのあにさん たつきちのおっしょさんです
ひさしぶりに元気なおっしょさんに出会えました ^^;
浅草散歩 たつきち小路から近くて遠い浅草の町
呑み喰い処 たつきちが好きならこの店も好き?
本屋 様々な本のご紹介
ぽっぽっぽ〜 とらすで〜す
みぃで〜す
ふたりあわせてとらすとみぃどぇ〜す

大通りのお店
[電車通り]
YAHOO! JAPAN  
google 検索

たつきちからのお知らせ
[インシデント・レスポンスについて]
 弱小なたつきちネットワークでも最近多くのインシデントがありますので「たつきちネットワークにおけるインシデントの扱いについて」を作成しました。
[ウィルスからの攻撃について]
 ウィルスに感染したマイクロソフト・ウィンドウズからの攻撃は目に余るものがあります。ブラスターワームが猛威を振るった 2003 年 12 月には一日あたり約 18,251 回, 2004 年 7 月でも一日あたり約 4,229 回の攻撃があり,そのほとんどがウィルス感染したウィンドウズからと思われます。
 2005 年 8 月の ZOTOB/IRCBot ワームでも1日あたり 5,000 回程度の攻撃を受けています。
 エンドユーザやサーバ管理者の方は手を抜かず,周りに迷惑をかけない運用管理を徹底していただきたいものです(この部分はウィンドウズには限りませんが)。


SORBS users who identify recklessly the dynamically assigned IP addresses as spammers, we treat your network as criminals' heaven, nothing more, nothing less. Because we can't inform you about the criminals' behaviour in your network, and you can't stop your network to bother the Internet.


/ 2010.12 / 2010.11 / 2010.10 / 2010.9 / 2010.8 / 2010.7 / 2010.6 / 2010.5 / 2010.4 / 2010.3 / 2010.2 / 2010.1 / 2009.12 / 2009.11 / 2009.10 / 2009.9 / 2009.8 / 2009.7 / 2009.6 / 2009.5 / 2009.4 / 2009.3 / 2009.2 / 2009.1 / 2008.12 / 2008.11 / 2008.10 / 2008.9 / 2008.8 / 2008.7 / 2008.6 / 2008.5 / 2008.4 / 2008.3 / 2008.2 / 2008.1

CRACKERS' HEAVEN HOST/NETWORK - rejected networks (listed last 3 months)
ip address reason
180.210.206.138/21 180.210.206.138 (138.206.210.180.ds.sparkstation.net) in SPARKSTATION PTE LTD (SG) (2011.2.16)
Malicious and huge ssh brute force attack (42 login attempts) focusing on the root password.
114.143.188.142/24 114.143.188.142 in TATATELE Maharashtra Limited in Tata Teleservices Limited (IN) (2011.2.16)
Malicious and huge ssh brute force attack (67 login attempts).
200.21.232.166/16 200.21.232.166 in COLOMBIA TELECOMUNICACIONES S.A. ESP (CO) (2011.2.15)
Malicious and huge ssh brute force attack (64 login attempts).
This is the 2nd attack by 200.21.232.166 since Nov 8 2010.
Add 200.0.0.0/7 to the permanent block list.
210.188.219.11/20 210.188.219.11 (www.gaido.jp) in www.gaido.jp (滋賀ガイド! - 滋賀県生活情報 - 滋賀県の観光ガイドやエリア、グルメ、ランチ、イベントガイド、便利なマップ) in SAKURA Internet Inc. (JP) (2011.2.15-16)
Malicious and huge ssh brute force attack (22,925 login attempts).
68.188.81.251/19 68.188.81.251 (!!!CAUTION!!! MALICIOUS PAGE APPEARS!!!) in Charter Communications (US) (2011.2.15)
Malicious and huge ssh brute force attack (99 and more login attempts).
210.212.150.232/20 210.212.150.232 in National Institute of Technology Raipur in BSNL Internet (IN) (2011.2.15)
Malicious and huge ssh brute force attack (1 login attempts) focusing on the root password.
This is the 2nd attack by 210.212.150.232 since Sep 13 2010.
109.169.21.37/18 109.169.21.37 in Internet Bilisim Hizmetleri (TR) in RapidSwitch (GB) (2011.2.15)
Malicious and huge ssh brute force attack (56 login attempts) focusing on the root password.
218.17.160.22/11 The criminal 218.17.160.22 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.2.13)
Malicious and huge ssh brute force attack (47 login attempts) focusing on the root password.
This is the 4th attack by the criminal 218.17.160.22 since Feb 9 2011, Feb 1 2011 and Jan 28-29 2011.
Add 218.0.0.0/11 to the permanent block list.
121.88.249.122/16 121.88.249.122 in C&M Communication Co.,Ltd. ((주)씨앤앰) (KR) (2010.2.13)
Malicious and huge ssh brute force attack (85 login attempts) focusing on the root password.
Add 121.88.0.0/16 to the permanent block list.
118.97.246.31/19 118.97.246.31 in PT Telkom Indonesia (ID) (2011.2.12)
Malicious and huge ssh brute force attack (301 login attempts) focusing on the root password.
210.51.52.132/16+ The criminal 210.51.52.132 in Shanghai Caohejing IDC of China Netcom in China Unicom (中国联通) (CN) (2011.2.11)
Malicious and huge login attempts (140 login attempts).
This is the 6th attack by the criminal 210.51.52.132 since May 1 2010 (twice), Apr 6 2010, Apr 5 2010 and Mar 15 2010.
Add 210.51.0.0/16 and 210.52.0.0/15 to the permanent block list.
92.55.104.53/18 92.55.104.53 in Robi Cable TV in Neotel (MK) (2011.2.11)
Malicious and huge pop login attacks (716 login attempts).
No contact email address.
Add 92.55.64.0/18 to the permanent block list.
DDoS
69.163.46.3/20
The criminal 69.163.46.3 (portland.webhostdns.info) in DirectSpace Networks, LLC (US) (2011.2.11)
Malicious and huge DDoS command execution attempts stopped. (1,966 commands).
These are the targets of the criminal 69.163.46.3 (portland.webhostdns.info) since Feb 8 2011.
Add 69.163.32.0/20 to the permanent block list.
119.188.7.153/12 119.188.7.153 in China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) (CN) (2010.2.10-11)
Malicious and huge ssh brute force attack (30 login attempts) focusing on the root password.
Add 119.176.0.0/12 to the permanent block list.
DDoS
69.163.46.3/20
The criminal 69.163.46.3 (portland.webhostdns.info) in DirectSpace Networks, LLC (US) (2011.2.10)
Malicious and huge DDoS command execution attempts continues (more than 2,058 commands).
Add 69.163.32.0/20 to the permanent block list.
218.17.160.22/11 The criminal 218.17.160.22 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.2.9)
Malicious and huge ssh brute force attack (3 login attempts) focusing on the root password only.
This is the 3rd attack by the criminals' host 218.17.160.22 since Feb 1 2011 and Jan 28-29 2011.
Add 218.0.0.0/11 to the permanent block list.
DDoS
69.163.46.3/20
The criminal 69.163.46.3 (portland.webhostdns.info) in DirectSpace Networks, LLC (US) (2011.2.9)
Malicious and huge DDoS command execution attempts continues (more than 2,128 commands).
Add 69.163.32.0/20 to the permanent block list.
204.244.121.194/24(/16) 204.244.121.194 in Hostedincanada in WesTel Telecommunications (CA) (2011.2.8)
Malicious and huge ssh brute force attack (112 and more login attempts) focusing on the root password only.
221.206.130.3/11+ The criminal 221.206.130.3 in China Unicom Heilongjiang province network (中国联合网络通信有限公司黑龙江省分公司) in China Unicom (中国联通) (CN) (2011.2.8)
Malicious and huge ssh brute force attack (14 login attempts) focusing on the root password.
This is the 6th attack by 221.206.130.3 since Feb 6 2011, Feb 3 2011, Jan 31 2011, Jan 29 2011 and Jan 21-26 2011.
Add 221.192.0.0/11 and 221.224.0.0/12 to the permanent block list.
DDoS
69.163.46.3/20
The criminal's host 69.163.46.3 (portland.webhostdns.info) in DirectSpace Networks, LLC (US) (2011.2.8)
Malicious and huge DDoS command execution attempts continues (more than 1,754 commands).
72.55.164.79/18 72.55.164.79 (mail.target9.com) in Target9 Media in iWeb Technologies Inc. (CA) (2011.2.8)
Malicious and huge ssh brute force attack (42 login attempts) focusing on the root password.
DDoS
208.115.219.75/18
The criminal's host 208.115.219.75 (kn1.knwebhosting.com) in KN WebHosting in Limestone Networks, Inc. (US) (2011.1.20 - 2.7)
Malicious and huge DDoS command execution attempts continues (more than 7,309 commands).
61.7.235.206/17 The criminal 61.7.235.206 in CAT Telecom (TH) (2011.2.7)
Malicious and huge ssh brute force attack (1 login attempts).
This is the 3rd attack by 61.7.235.206 since Jan 25 2011 and Jan 19 2011.
Add 61.7.128.0/17 to the permanent block list.
118.98.31.145/17 118.98.31.145 in PT. TELKOM INDONESIA (ID) (2011.2.7)
Malicious and huge ssh brute force attack (627 login attempts).
We received a good report from the administrator. (2010.2.7)
218.108.28.189/15+ 218.108.28.189 in Zhejiang economy information net (No.5,huancheng west road,hangzhou) in Gudang Scientific and Economic Park (华数数字电视传媒集团有限公司) (CN) (2011.2.2, mail error 2011.2.7)
Malicious and huge ssh brute force attack (350 login attempts) focusing on the root password.
The contact e-mail address abuse@chinahcn.com does not work because of '<abuse@chinahcn.com>: connect to smg.chinahcn.com[218.108.250.184]: Connection timed out' (2011.2.7)
Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
DDoS
69.163.46.3/20
The criminal's host 69.163.46.3 (portland.webhostdns.info) in DirectSpace Networks, LLC (US) (2011.2.7)
Malicious and huge DDoS command execution attempts.
DDoS
98.117.201.249/13+
The criminal's host 98.117.201.249 (pool-98-117-201-249.bltmmd.fios.verizon.net) in Verizon Online LLC (US) (2011.2.7)
Malicious prober for DDoS command etc.
61.156.20.2/10 The criminals' host 61.156.20.2 in www.wfinfo.cn (中国联合网络通信有限公司潍坊市分公司) in China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) (CN) (2010.2.7)
Malicious and huge ssh brute force attack (208 login attempts) focusing on the root password.
This is the 2nd attack by the criminals' host 61.156.20.2 since Dec 21 2010.
Add 61.128.0.0/10 to the permanent block list.
90.157.145.42/17 The criminals' host 90.157.145.42 in Amis d.o.o. (SI) (2011.2.6)
Malicious and huge ssh brute force attack (33 and more login attempts) focusing on the root password only.
This is the 2nd attack by the criminals' host 90.157.145.42 since Feb 6 2011 (today).
209.172.57.241/19 The criminals' host 209.172.57.241 (hd-t3338cl.privatedns.com = tambahis.com) in TamBahis.com in iWeb Technologies Inc. (CA) (2011.2.6)
Malicious and huge ssh brute force attack (80 and more login attempts) focusing on the root password.
This is the 2nd attack by the criminals' host 209.172.57.241 (hd-t3338cl.privatedns.com = tambahis.com) since Jan 30 2011.
Add 209.172.32.0/19 to the permanent block list.
DDoS
81.153.166.123/11
188.72.237.143/18
86.158.20.167/11
208.115.219.75/18
81.155.250.61/11
86.136.177.15/11
212.7.201.48/19
85.17.159.77/16
These are criminals' hosts using UDP flooding attacks, etc. (Jan 19 2011 - Feb 4 2011) :
81.153.166.123 (host81-153-166-123.range81-153.btcentralplus.com) in BT Public Internet Service (GB) (2011.1.19)
188.72.237.143 (server1.bigboxhost.com) in netdirekt e. K. (DE) (2011.1.19 - 28)
86.158.20.167 (host86-158-20-167.range86-158.btcentralplus.com) in BT Public Internet Service (GB) (2011.1.19 - 21)
208.115.219.75 (kn1.knwebhosting.com) in Limestone Networks, Inc. (US) (2011.1.20 - 2011.2.4)
81.155.250.61 (host81-155-250-61.range81-155.btcentralplus.com) in BT Public Internet Service (GB) (2011.1.21)
86.136.177.15 (host86-136-177-15.range86-136.btcentralplus.com) in BT Public Internet Service (GB) (2011.1.22)
212.7.201.48 in Dediserv Dedicated Servers Sp. z o.o. in LEASEWEB (NL) (2011/1/28 - 31)
85.17.159.77 (hosting1-nl.santrex.net) in LeaseWeb (NL) (2011.1.29 - 31) (!!!CAUTION!!! THIS IS MALWARE SITE !!!)
90.157.145.42/17 90.157.145.42 in Amis d.o.o. (SI) (2011.2.6)
Malicious and huge ssh brute force attack (33 login attempts) focusing on the root password only.
202.123.82.18/19 202.123.82.18 (202-123-82-18.static.hdcdatacentre.com) in Henderson Data Centre Limited (HK) (2011.2.6)
Malicious and huge ssh brute force attack (1,159 login attempts) focusing on the root password.
203.113.137.188/18 203.113.137.188 in Leasedlineservice-Net in Vietel Corporation (VN) (2011.2.6)
Malicious and huge ssh brute force attack (68 login attempts).
221.206.130.3/11+ The criminal 221.206.130.3 in China Unicom Heilongjiang province network (中国联合网络通信有限公司黑龙江省分公司) in China Unicom (中国联通) (CN) (2011.2.6)
Malicious and huge ssh brute force attack (15 login attempts) focusing on the root password.
This is the 5th attack by the criminals' host 221.206.130.3 since Feb 3 2011, Jan 31 2011, Jan 29 2011 and Jan 21-26 2011.
Add 221.192.0.0/11 and 221.224.0.0/12 to the permanent block list.
121.9.205.79/13+ The criminal 121.9.205.79 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.2.5)
Malicious and huge ssh brute force attack (3,433 login attempts).
This is the 4th attack by 121.9.205.79 since Nov 30 2010, Nov 19 2010 (twice).
Add 121.8.0.0/13, 121.16.0.0/12, 121.32.0.0/13 and 121.40.0.0/14 to the permanent block list.
211.138.85.158/13+ 211.138.85.158 in China Mobile Communications Corporation- neimeng (中国移动内蒙古公司) in China Mobile Communications Corporation (中国移动通信) (CN) (2011.1.30, mail error 2011.2.4)
Malicious and huge ssh brute force attack (84 login attempts).
The contact e-mail address 13847138820@monternet.com does not work because of '<13847138820@monternet.com>: connect to smtp.monternet.com[211.136.16.108]: Connection timed out' (2011.2.4)
Add 211.136.0.0/13, 211.144.0.0/12 and 211.160.0.0/13 to the permanent block list.
124.42.124.58/16 124.42.124.58 in Langfang Development Area Huarui Xintong Network Technology Co., Ltd. in Langfang university Langfang Development Area (CN) (2011.2.4)
Malicious and huge ssh brute force attack (567 login attempts) focusing on the root password.
Huarui Xintong Network Technology Co., Ltd. is also famous for spammer.
Add 124.42.0.0/16 to the permanent block list.
174.138.164.169/20 174.138.164.169 in QuickWeb Hosting Solutions in SECURED SERVERS LLC (US) (2011.2.4)
Malicious and huge ssh brute force attack (649 login attempts) focusing on the root password.
60.216.5.86/12+ The criminal 60.216.5.86 in shandong province century airport development ltd. in CNC Group CHINA169 Shandong Province Network in China Unicom (中国联通) (CN) (2011.2.4)
Malicious and huge ssh brute force attack (49 login attempts) focusing on the root password.
And 60.216.5.86 is also famous for the PHISHING site.
This is the 5th attack by 60.216.5.86 since Jna 18 2011, Dec 26 2010, Dec 10 2010 and Dec 1 2010.
Add 60.200.0.0/13 and 60.208.0.0/12 to the permanent block list.
221.206.130.3/11+ The criminal 221.206.130.3 in China Unicom Heilongjiang province network (中国联合网络通信有限公司黑龙江省分公司) in China Unicom (中国联通) (CN) (2011.2.3)
Malicious and huge ssh brute force attack (15 login attempts) focusing on the root password.
This is the 4th attack by the criminals' host 221.206.130.3 since Jan 31 2011, Jan 29 2011 and Jan 21-26 2011.
Add 221.192.0.0/11 and 221.224.0.0/12 to the permanent block list.
120.31.144.82/15+ 120.31.144.82 in FoShan RuiJiang Science and Tech Ltd. in CNC Group CHINA169 Guangdong Province network in China Unicom Guangdong province network (中国联通广东分公司) in China Unicom (中国联通) (CN) (2011.2.3)
Malicious and huge ssh brute force attack (37 login attempts) focusing on the root password only.
Add 120.30.0.0/15, 120.32.0.0/12 and 120.48.0.0/15 to the permanent block list.
69.50.192.55/19 69.50.192.55 in atjeu publishing, llc (US) (2011.2.3)
Malicious and huge ssh brute force attack (168 login attempts).
We received a good report from Atjeu Hosting. (2010.2.4)
95.211.75.198/16 The criminal 95.211.75.198 in LeaseWeb B.V. (NL) (2011.2.3)
Malicious and huge ssh brute force attack (42 login attempts) focusing on the root password only.
This is the 4th attack by 95.211.75.198 since Feb 2 2011 (theree times).
We received an automatic receipt from LeaseWeb B.V. (2011.2.4)
95.211.75.198/16 The criminal 95.211.75.198 in LeaseWeb B.V. (NL) (2011.2.2)
Malicious and huge ssh brute force attack (42 login attempts) focusing on the root password only.
This is the 3rd attack by 95.211.75.198 since Feb 2 2011 (twice).
95.211.75.198/16 The criminals' host 95.211.75.198 in LeaseWeb B.V. (NL) (2011.2.2)
Malicious and huge ssh brute force attack (84 login attempts) focusing on the root password only.
This is the 2nd attack by the criminals' host 95.211.75.198 since Feb 2 2011 (today).
61.111.18.111/12 The criminals' host 61.111.18.111 (61-111-18-111.kidc.net) in mediacast.lab in LG DACOM KIDC (LG유플러스 KID) (KR) (2011.2.2)
Malicious and huge ssh brute force attack (35 login attempts) focusing on the root password only.
This is the 2nd attack by the criminals' host 61.111.18.111 (61-111-18-111.kidc.net) since Jan 29 2011.
Add 61.96.0.0/12 to the permanent block list.
95.211.75.198/16 95.211.75.198 in LeaseWeb B.V. (NL) (2011.2.2)
Malicious and huge ssh brute force attack (68 login attempts).
218.17.160.22/11 The criminals' host 218.17.160.22 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.2.1)
Malicious and huge ssh brute force attack (4 login attempts) focusing on the root password only.
This is the 2nd attack by the criminals' host 218.17.160.22 since Jan 28-29 2011.
Add 218.0.0.0/11 to the permanent block list.
195.23.251.41/16 195.23.251.41 (195-23-251-41.static.net.novis.pt) in NOVIS TELECOM, S.A. (PT) (2011.2.1)
Malicious and huge ssh brute force attack (3,764 login attempts).
This is the 2nd attack by 195.23.251.41 since Jan 6 2010.
221.206.130.3/11+ The criminal 221.206.130.3 in China Unicom Heilongjiang province network (中国联合网络通信有限公司黑龙江省分公司) in China Unicom (中国联通) (CN) (2011.1.31)
Malicious and huge ssh brute force attack (13 login attempts) focusing on the root password.
This is the 3rd attack by the criminals' host 221.206.130.3 since Jan 29 2011 and Jan 21-26 2011.
Add 221.192.0.0/11 and 221.224.0.0/12 to the permanent block list.
218.8.162.6/11 218.8.162.6 in China Unicom Heilongjiang province network (中国联合网络通信有限公司黑龙江省分公司) in China Unicom (中国联通) (CN) (2011.1.31)
Malicious and huge ssh brute force attack (97 login attempts) focusing on the root password.
Add 218.0.0.0/11 to the permanent block list.
124.111.47.110/16 124.111.47.110 in SK Broadband Co Ltd (SK브로드밴드) (Hanaro Telecom Inc.) (KR) (2011.1.31)
Malicious and huge ssh brute force attack (110 login attempts).
Add 124.111.0.0/16 to the permanent block list.
112.65.187.139/14+ 112.65.187.139 in China Unicom CHINA169 Shanghai Province Network (中国联合网络通信有限公司上海市分公司) in China Unicom (中国联通) (CN) (2011.1.31)
Malicious and huge ssh brute force attack (57 login attempts).
Add 112.0.0.0/10 and 112.64.0.0/14 to the permanent block list.
211.140.122.199/13+ 211.140.122.199 in China Mobile Communications Corporation- zhejiang (中国移动浙江公司) in China Mobile Communications Corporation (中国移动通信) (CN) (2011.1.30)
Malicious and huge ssh brute force attack (357 login attempts).
Add 211.136.0.0/13, 211.144.0.0/12 and 211.160.0.0/13 to the permanent block list.
68.13.97.23/12 68.13.97.23 (ip68-13-97-23.om.om.cox.net) in Cox Communications Inc. (US) (2011.1.30)
Malicious and huge ssh brute force attack (72 login attempts) focusing on the root password only.
We received an automatic receipt from Cox Communications. (2011.1.30).
63.218.8.170/13 63.218.8.170 (lg01.nyc01.pccwbtn.net) in Beyond The Network America, Inc. (US) (2011.1.30)
Malicious and huge ssh brute force attack (499 login attempts) focusing on the root password.
209.172.57.241/19 209.172.57.241 (hd-t3338cl.privatedns.com = tambahis.com) in TamBahis.com in iWeb Technologies Inc. (CA) (2011.1.30)
Malicious and huge ssh brute force attack (43 login attempts) focusing on the root password.
182.48.39.83/18 182.48.39.83 in SAKURA Internet Inc. (JP) (2011.1.30)
Malicious and huge ssh brute force attack (30 login attempts) focusing on the root password.
218.17.160.22/11 218.17.160.22 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.1.28-29)
Malicious and huge ssh brute force attack (27 login attempts) focusing on the root password.
Add 218.0.0.0/11 to the permanent block list.
123.13.201.202/13+ The criminal 123.13.201.202 in the world no.1 criminals' paradise China Unicom Henan province network (中国联通河南省分公司) in China Unicom (中国联通) (CN) (2011.1.29)
Malicious and huge ssh brute force attack (5 login attempts) focusing on the root password only.
This is the 4th attack by the criminals' host 123.13.201.202 since Jan 25 2011, Jan 23 2011 and Jan 20-22 2011.
Add 123.4.0.0/14 and 123.8.0.0/13 to the permanent block list.
218.64.53.176/11+ The criminals' host 218.64.53.176 in CHINANET jiangxi province network (江西电信) in CHINA TELECOM (中国电信集团公司) (CN) (2011.1.29)
Malicious and huge ssh brute force attack (2 login attempts).
This is the 3rd attack by the criminals' host 218.64.53.176 since Jan 21 2011 and Aug 17 2010.
Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
112.222.151.132/13 112.222.151.132 in LG DACOM Corporation (LG유플러스) (KR) (2011.1.29)
Malicious and huge ssh brute force attack (31 login attempts) focusing on the root password.
Add 112.216.0.0/13 to the permanent block list.
61.111.18.111/12 61.111.18.111 (61-111-18-111.kidc.net) in mediacast.lab in LG DACOM KIDC (LG유플러스 KID) (KR) (2011.1.29)
Malicious and huge ssh brute force attack (35 login attempts) focusing on the root password only.
Add 61.96.0.0/12 to the permanent block list.
70.38.119.98/17 70.38.119.98 (ip-70-38-119-98.static.privatedns.com) in iWeb Technologies Inc. (US) (2011.1.29)
Malicious and huge ssh brute force attack (35 login attempts) focusing on the root password only.
221.206.130.3/11+ The criminals' host 221.206.130.3 in China Unicom Heilongjiang province network (中国联合网络通信有限公司黑龙江省分公司) in China Unicom (中国联通) (CN) (2011.1.29)
Malicious and huge ssh brute force attack (11 login attempts) focusing on the root password only.
This is the 2nd attack by the criminals' host 221.206.130.3 since Jan 21-26 2011.
Add 221.192.0.0/11 and 221.224.0.0/12 to the permanent block list.
121.18.67.77/12+ 121.18.67.77 in BD-TIANWEIYINGLIXINNENGYUAN-COMPANY in China Unicom Hebei province network (中国网通(集团)有限公司河北省分公司) in China Unicom (中国联通) (CN) (2011.1.28)
Malicious and huge ssh brute force attack (3,698 login attempts).
Add 121.8.0.0/13, 121.16.0.0/12, 121.32.0.0/13 and 121.40.0.0/14 to the permanent block list.
210.2.175.194/18 210.2.175.194 (static-host210-2-175-194.link.net.pk) in LINKdotNET Telecom Limited (PK) (2011.1.27)
Malicious and huge smtp relay attmpts (22 attempts).
186.36.224.135/7 186.36.224.135 in in Telmex Servicios Empresariales S.A. (CL) (2011.1.27)
Malicious and huge ssh brute force attack (221 login attempts) focusing on the root password only.
Add 186.0.0.0/7 to the permanent block list.
210.242.157.50/16+ 210.242.157.50 (210-242-157-50.HINET-IP.hinet.net) in Global Executive Office in CHTD, Chunghwa Telecom Co., Ltd. (中華電信) (TW) (2011.1.27)
Malicious and huge ssh brute force attack (1,076 and more login attempts).
The contact e-mail address carol.com.tw@cool.url.com.tw does not work because of '<carol.com.tw@cool.url.com.tw>: host mx3.url.com.tw[210.59.228.202] said: 550 unknown user. (in reply to RCPT TO command)' (2011.1.27)
And the contact e-mail address albert@gleo.com.tw does not work because of '<albert@gleo.com.tw>: Name service error for gleo.com.tw: Host not found, try again' (2011.2.1)
We received a report from HiNet Security Operation Center. (2011.1.27).
Add 210.241.224.0/19 and 210.242.0.0/16 to the permanent block list.
60.2.236.226/11 The criminals' host 60.2.236.226 in the criminals' hehaven network TS-IDC3 in China Unicom Hebei province network (中国网通(集团)有限公司河北省分公司) in China Unicom (中国联通) (CN) (2011.1.27)
Malicious and huge ssh brute force attack (29 login attempts) focusing on the root password.
This is the 2nd attack by tThe criminals' host 60.2.236.226 since Jan 25 2011.
Add 60.0.0.0/11 to the permanent block list.
119.196.21.224/11 The criminal 119.196.21.224 in Korea Telecom (KR) (2011.1.27)
Malicious and huge ssh brute force attack (3 login attempts) focusing on the root passowrd only.
This is the 5th attack by 119.196.21.224 since Dec 29 2010, Dec 24 2010, Oct 4 2010 and Sep 20 2010.
Add 119.192.0.0/11 to the permanent block list.
212.76.95.156/19 212.76.95.156 in Sahara-Net (SA) (2011.1.26)
Malicious and huge ssh brute force attack (59 and more login attempts).
58.137.18.109/28 58.137.18.109 in Assumption Commercial College (ACC) in CS Loxinfo (TH) (2011.1.26)
Malicious and huge ssh brute force attack (567 login attempts) focusing on the root passowrd.
70.79.15.213/12 70.79.15.213 (S0106002401d0a96a.vc.shawcable.net = vaughnly.no-ip.com) in vaughnly.no-ip.com in Shaw Communications Inc. (CA) (2011.1.26)
Malicious and huge ssh brute force attack (214 login attempts) focusing on the root passowrd.
We received a receipt from Shaw High-Speed Internet Service. (2011.1.27).
221.206.130.3/11+ 221.206.130.3 in China Unicom Heilongjiang province network (中国联合网络通信有限公司黑龙江省分公司) in China Unicom (中国联通) (CN) (2011.1.26)
Malicious and huge ssh brute force attack (32 login attempts) focusing on the root password.
Add 221.192.0.0/11 and 221.224.0.0/12 to the permanent block list.
61.7.235.206/17 The criminals' host 61.7.235.206 in CAT Telecom (TH) (2011.1.25)
Malicious and huge ssh brute force attack (48 login attempts) focusing on the root password.
This is the 2nd attack by the criminals' host 61.7.235.206 since Jan 19 2011.
Add 61.7.128.0/17 to the permanent block list.
218.108.0.70/15+ 218.108.0.70 in WASU TV & Communication Holding Co.,Ltd. (CN) (2011.1.20, mail error 2011.1.25)
Malicious and huge ssh brute force attack (92 login attempts).
The contact e-mail address allon@chinahcn.com does not work because of '<allon@chinahcn.com>: connect to smg.chinahcn.com[218.108.250.184]: Connection timed out' (2011.1.25)
Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
109.169.57.41/18 109.169.57.41 in Thrust::VPS in RapidSwitch (US) (2011.1.25)
Malicious and huge ssh brute force attack (39 login attempts) focusing on the root passowrd.
We received a report from Thrust::VPS. (2011.1.28).
60.2.236.226/11 60.2.236.226 in TS-IDC3 in China Unicom Hebei province network (中国网通(集团)有限公司河北省分公司) in China Unicom (中国联通) (CN) (2011.1.25)
Malicious and huge ssh brute force attack (30 login attempts) focusing on the root password.
Add 60.0.0.0/11 to the permanent block list.
72.34.247.90/24(/19) 72.34.247.90 (francis.weppc.net = www.weppc.net) in Pasadena Presbyterian Church (파사데나장로교회) in Premier Innovations (US) (2011.1.25)
Malicious and huge ssh brute force attack (85 login attempts) focusing on the root passowrd only.
123.13.201.202/13+ The criminal 123.13.201.202 in the world no.1 criminals' paradise China Unicom Henan province network (中国联通河南省分公司) in China Unicom (中国联通) (CN) (2011.1.25)
Malicious and huge ssh brute force attack (15 login attempts) focusing on the root password.
This is the 3rd attack by the criminals' host 123.13.201.202 since Jan 23 2011 and Jan 20-22 2011.
Add 123.4.0.0/14 and 123.8.0.0/13 to the permanent block list.
66.11.123.195/20 The criminal 66.11.123.195 (cms.suavemente.net) in Suavemente, INC. (US) (2010.12.24)
Malicious and huge ssh brute force attack (46 and more login attempts) focusing on the root password.
This is the 3rd attack by 66.11.123.195 (cms.suavemente.net) since Jan 24 2011 (today) and Dec 19 2010.
Add 66.11.112.0/20 to the permanent block list.
60.49.164.242/14+ 60.49.164.242 (49.60.in-addr.arpa.tm.net.my) in Telekom Malaysia Berhad (MY) (2011.1.24)
Malicious and huge pop login attacks (642 and more login attempts).
We received an automatic receipt from TM Abuse Admin. (2011.1.24).
183.63.14.204/10+ 183.63.14.204 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.1.24)
Malicious and huge ssh brute force attack (50 login attempts) focusing on the root password.
Add 183.0.0.0/10 and 183.64.0.0/13 to the permanent block list.
66.11.123.195/20 The criminals' host 66.11.123.195 (cms.suavemente.net) in Suavemente, INC. (US) (2010.12.24)
Malicious and huge ssh brute force attack (46 login attempts) focusing on the root password.
This is the 2nd attack by the criminals' host 66.11.123.195 (cms.suavemente.net) since Dec 19 2010.
Add 66.11.112.0/20 to the permanent block list.
187.17.26.90/7 187.17.26.90 in World Line Ltda (BR) (2011.1.24)
Malicious and huge ssh brute force attack (33 login attempts) focusing on the root password only.
Add 186.0.0.0/7 to the permanent block list.
211.174.187.171/13+ 211.174.187.171 in ELIMNET (엘림넷) (KR) (2011.1.23)
Malicious and huge ssh brute force attack (65 and more login attempts).
Add 211.168.0.0/13, 211.176.0.0/12 and 211.192.0.0/10 to the permanent block list.
61.106.50.10/12 61.106.50.10 in ELIMNET (엘림넷) (KR) (2011.1.23)
Malicious and huge ssh brute force attack (63 and more login attempts).
Add 61.96.0.0/12 to the permanent block list.
119.188.7.175/12 119.188.7.175 in China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) (CN) (2011.1.23)
Malicious and huge ssh brute force attack (1,498 and more login attempts) focusing on the root password.
Add 119.176.0.0/12 to the permanent block list.
64.15.156.111/19 64.15.156.111 (Maga10.com = not-assigned.privatedns.com) in Netpickle, Inc - rockmyspace.com in iWeb Technologies Inc. (US) (2011.1.23)
Malicious and huge ssh brute force attack (82 login attempts).
123.13.201.202/13+ The criminals' host 123.13.201.202 in the world no.1 criminals' paradise China Unicom Henan province network (中国联通河南省分公司) in China Unicom (中国联通) (CN) (2011.1.23)
Malicious and huge ssh brute force attack (15 login attempts) focusing on the root password.
This is the 2nd attack by the criminals' host 123.13.201.202 since Jan 20-22 2011.
Add 123.4.0.0/14 and 123.8.0.0/13 to the permanent block list.
115.236.4.204/12+ 115.236.4.204 in Hangzhou Shell Star Tracker Network Technology Co., Ltd. in CHINA TELECOM Hangzhou (中国电信杭州分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.1.22)
Malicious and huge ssh brute force attack (68 login attempts).
The contact e-mail address wgqshi@chinaren.com.cn does not work because of '<wgqshi@chinaren.com.cn>: host sohumx.sohu.com[61.135.132.110] said: 554 5.7.1 <wgqshi@chinaren.com.cn>: Relay access denied (in reply to RCPT TO command)' (2011.1.22)
Add 115.190.0.0/15, 115.192.0.0/11 and 115.224.0.0/12 to the permanent block list.
123.13.201.202/13+ 123.13.201.202 in the world no.1 criminals' paradise China Unicom Henan province network (中国联通河南省分公司) in China Unicom (中国联通) (CN) (2011.1.20-22)
Malicious and huge ssh brute force attack (30 login attempts) focusing on the root password.
Add 123.4.0.0/14 and 123.8.0.0/13 to the permanent block list.
210.212.236.147/16 210.212.236.147 in Kerala Public Works Department in in BSNL Internet (IN) (2011.1.17, mail error 2011.1.22)
Malicious and huge ssh brute force attack (180 and more login attempts).
The contact e-mail address ceroads@keralapwd.gov.in does not work because of '<ceroads@keralapwd.gov.in>: connect to mail.keralapwd.gov.in[210.212.236.82]: Connection timed out' (2011.1.22)
Add 210.212.0.0/16 to the permanent block list.
58.196.13.59/11 58.196.13.59 in CERNET : China Education and Research Network (中国教育网-中国教育和科研计算机网) (CN) (2011.1.21)
Malicious and huge ssh brute force attack (104 and more login attempts).
No contact e-maol address in whois database.
Add 58.192.0.0/11 to the permanent block list.
221.7.196.68/12 221.7.196.68 in gx-inc-net in China Unicom Guangxi province network (中国广西联通分公司) in CHINA UNICOM (中国联通) (CN) (2011.1.21)
Malicious and huge ssh brute force attack (154 login attempts) focusing on the root password only.
Add 221.0.0.0/12 to the permanent block list.
218.64.53.176/11+ 218.64.53.176 in CHINANET jiangxi province network (江西电信) in CHINA TELECOM (中国电信集团公司) (CN) (2011.1.21)
Malicious and huge ssh brute force attack (39 login attempts) focusing on the root password.
This is the 2nd attack by 218.64.53.176 since Aug 17 2010.
Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
202.152.161.84/23+ 202.152.161.84 in INDOSAT (ID) (2011.1.21)
Malicious and huge ssh brute force attack (35 login attempts) focusing on the root password only.
The contact e-mail address abuse@indosat.com does not work because of 'Delivery to the following recipients failed.' (2011.1.21)
Add 202.152.160.0/23 and 202.152.162.0/24 to the permanent block list.
210.51.50.196/16+ 210.51.50.196 (!!!CAUTION!!! PHISHING SITE ALERT POPUPS!!!) in shangjingyuanlin-corp in CHINA UNICOM (中国联通) (CN) (2011.1.17-20)
Malicious and huge ssh brute force attack (106 login attempts) focusing on the root password only.
Add 210.51.0.0/16 and 210.52.0.0/15 to the permanent block list.
61.7.235.206/18 61.7.235.206 in CAT Telecom (TH) (2011.1.19)
Malicious and huge ssh brute force attack (48 login attempts) focusing on the root password.
218.246.21.109/13 218.246.21.109 in Development & Research Center of State Council Net (国研科技) (CN) (2011.1.19)
Malicious and huge ssh brute force attack (258 login attempts) focusing on the root passowrd.
Add 218.240.0.0/13 to the permanent block list.
202.96.199.150/12+ The criminal 202.96.199.150 in CHINANET shanghai province network (中国电信上海信息产业(集团)有限公司) in the criminakl's heavne network CHINA TELECOM (中国电信集团公司) (CN) (2011.1.19)
Malicious and huge ssh brute force attack (3 login attempts) focusing on the root password only.
This is the 5th attack by the criminals' host 202.96.199.150 since May 14 2010, May 1 2010, Oct 12 2009 and Feb 26 2009.
Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
123.200.169.94/30 123.200.169.94 (mail.sapphiregroup.com.au = webmail.sapphiregroup.com.au) in Sapphire Group Pty Ltd (AU) (2011.1.18)
Malicious and huge pop login attacks (68 login attempts).
60.217.234.142/12+ The criminals' host 60.217.234.142 (bbs.softreg.com.cn) in the criminals' host China Shareware Registration Centre (中国共享软件注册中心) in China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) (CN) (2011.1.18)
Malicious and huge ssh brute force attack (95 login attempts) focusing on the root password only.
This is the 2nd attack by the criminals' host 60.217.234.142 (bbs.softreg.com.cn) since Sep 16 2010.
Add 60.200.0.0/13 and 60.208.0.0/12 to the permanent block list.
60.216.5.86/12+ The criminal 60.216.5.86 in CNC Group CHINA169 Shandong Province Network in China Unicom (中国联通) (CN) (2011.1.18)
Malicious and huge ssh brute force attack (49 login attempts) focusing on the root password.
And 60.216.5.86 is also famous for the PHISHING site.
This is the 4th attack by 60.216.5.86 since Dec 26 2010, Dec 10 2010 and Dec 1 2010.
Add 60.200.0.0/13 and 60.208.0.0/12 to the permanent block list.
222.143.26.249/12 222.143.26.249 in the world no.1 criminals' paradise China Unicom Henan province network (中国联通河南省分公司) in China Unicom (中国联通) (CN) (2011.1.18)
Malicious and huge ssh brute force attack (287 login attempts).
Add 222.128.0.0/12 to the permanent block list.
67.23.42.102/20+ 67.23.42.102 (67-23-42-102.static.cloud-ips.com) in Slicehost LLC in Rackspace Hosting (US) (2011.1.18)
Malicious and huge ssh brute force attack (209 login attempts).
We received an automatic receipt from Rackspace AUP Department. (2011.1.18).
219.87.173.25/14 The criminal 219.87.173.25 (219-87-173-25.static.tfn.net.tw) in Taiwan Fixed Network CO.,LTD. (台灣大電訊) (TW) (2011.1.17)
Malicious and huge ssh brute force attack (14 login attempts) focusing on the root password.
This is the 4th attack by 219.87.173.25 (219-87-173-25.static.tfn.net.tw) since Jan 15 2011, Jan 12 2011 and Dec 20 2010 - Jan 8 2011.
Add 219.84.0.0/14 to the permanent block list.
163.13.200.164/16 163.13.200.164 (Lab164.im.tku.edu.tw = security.im.tku.edu.tw) in IMNA Security Team in Tamkang University (淡江大學) (TW) (2011.1.17)
Malicious and huge ssh brute force attack (138 login attempts) focusing on the root password only.
12.151.36.15/25(/8) The criminals' host 12.151.36.15 in SPANSION LLC in ATT (US) (2011.1.16)
Malicious and huge ssh brute force attack (72 and more login attempts) focusing on the root password.
This is the 2nd attac by the criminals' host 12.151.36.15 since Jan 16 2011 (today).
We received an automatic receipt from AT&T Internet Services Security Center. (2011.1.16).
Add 12.151.36.0/25 to the permanent block list.
12.151.36.15/25(/8) 12.151.36.15 in SPANSION LLC in ATT (US) (2011.1.16)
Malicious and huge ssh brute force attack (3,825 login attempts) focusing on the root password.
We received an automatic receipt from AT&T Internet Services Security Center. (2011.1.16).
58.180.49.43/16+ 58.180.49.43 in ONSE Telecom (온세텔레콤) (KR) (2011.1.16)
Malicious and huge ssh brute force attack (113 login attempts) focusing on the root password.
Add 58.180.0.0/16 and 58.181.0.0/18 to the permanent block list.
218.234.19.38/13 218.234.19.38 (!!!CAUTION!!! PHISHING SITE ALERT POPUPS!!!) (See also) in SK Broadband Co Ltd (SK브로드밴드) (Hanaro Telecom Inc.) (KR) (2011.1.16)
Malicious and huge pop login attacks (1,543 and more login attempts).
Add 218.232.0.0/13 to the permanent block list.
117.16.34.53/15 117.16.34.53 in Baewha Womens College (배화여자대학) in Korean Education Network (KR) (2011.1.16)
Malicious and huge ssh brute force attack (39 login attempts) focusing on the root password.
Add 117.16.0.0/15 to the permanent block list.
219.87.173.25/14 The criminal 219.87.173.25 (219-87-173-25.static.tfn.net.tw) in Taiwan Fixed Network CO.,LTD. (台灣大電訊) (TW) (2011.1.15)
Malicious and huge ssh brute force attack (67 login attempts) focusing on the root password.
This is the 3rd attack by 219.87.173.25 (219-87-173-25.static.tfn.net.tw) since Jan 12 2011 and Dec 20 2010 - Jan 8 2011.
Add 219.84.0.0/14 to the permanent block list.
200.90.28.229/7 200.90.28.229 (200-90-28-229.genericrev.cantv.net) in CANTV Servicios, Venezuela (VE) (2011.1.15)
Malicious and huge ssh brute force attack (69 login attempts).
Add 200.0.0.0/7 to the permanent block list.
202.106.15.186/12+ 202.106.15.186 in China Unicom Beijing province networkm (中国联通北京市分公司) in China Unicom (中国联通) (CN) (2011.1.15)
Malicious and huge ssh brute force attack (208 login attempts) focusingon the root password.
Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
218.97.158.10/14+ 218.97.158.10 in Beijing Tonek Information Technology Development Corporation (liu shuan, TONEK Co. ,No.11 West Changan Street,Bejing) (CN) (2011.1.9, mail error 2011.1.15)
Malicious and huge ssh brute force attack (98 and more login attempts).
The contact e-mail address lsa@bj160.com.cn does not work because of '<lsa@bj160.com.cn>: Name service error for bj160.com.cn: Host not found, try again' (2011.1.15)
Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
200.29.146.189/7 200.29.146.189 (dns.municatemu.cl = www.municatemu.cl) in Municipalidad de catemu in Telmex Servicios Empresariales S.A. (CL) (2011.1.14)
Malicious and huge pop login attacks (1,147 login attempts).
Add 200.0.0.0/7 to the permanent block list.
218.107.139.2/14+ The criminal 218.107.139.2 in China Unicom Beijing province network (中国联合网络通信有限公司北京市分公司) in China Unicom (中国联通) (CN) (2011.1.14)
Malicious and huge ssh brute force attack (216 login attempts) focusing on the root password only.
This is the 11th attack by 218.107.139.2 since Dec 11 2010, May 1 2010, Feb 10 2010, Feb 8 2010, Feb 7 2010 (twice), Feb 3 2010, Dec 25 2009, Dec 11 2009 and Dec 7 2009.
Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
219.87.173.25/14 The criminals' host 219.87.173.25 (219-87-173-25.static.tfn.net.tw) in Taiwan Fixed Network CO.,LTD. (台灣大電訊) (TW) (2011.1.12)
Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password.
This is the 2nd attack by the criminals' host 219.87.173.25 (219-87-173-25.static.tfn.net.tw) since Dec 20 2010 - Jan 8 2011.
Add 219.84.0.0/14 to the permanent block list.
189.75.52.98/8+ 189.75.52.98 (189-75-52-98.jvece301b.ipd.brasiltelecom.net.br) in Brasil Telecom S/A (BR) (2011.1.11)
Malicious and huge ssh brute force attack (357 login attempts).
Add 189.0.0.0/8 and 190.0.0.0/8 to the permanent block list.
114.108.160.193/18+ 114.108.160.193 in LG DACOM KIDC (LG유플러스 KID) (KR) (2011.1.11)
Malicious and huge ssh brute force attack (1,538 login attempts) focusing on the root password.
Add 114.108.0.0/17 and 114.108.128.0/18 to the permanent block list.
114.207.244.118/13+ 114.207.244.118 (apps.lettee.com) in SK Broadband Co Ltd (SK브로드밴드) (Hanaro Telecom Inc.) (KR) (2011.1.11)
Malicious and huge ssh brute force attack (78 login attempts) focusing on the root password only.
Add 114.199.128.0/17 and 114.200.0.0/13 to the permanent block list.
216.219.94.114/20 216.219.94.114 in worldispnetwork.com in HOST DEPARTMENT (US) (2011.1.11)
Malicious and huge ssh brute force attack (146 login attempts) focusing on the root password.
216.246.108.221/24 216.246.108.221 (chicago.colocrossing.com) in Mohawk Host in ColoCrossing (US) (2011.1.11)
Malicious and huge ssh brute force attack (80 login attempts) focusing on the root password.
114.251.158.58/11+ 114.251.158.58 in China Unicom Beijing province networkm (中国联通北京市分公司) in China Unicom (中国联通) (CN) (2011.1.10)
Malicious and huge ssh brute force attack (109 login attempts) focusingon the root password only.
Add 114.208.0.0/12 and 114.224.0.0/11 to the permanent block list.
62.165.220.106/18 62.165.220.106 in Tvnetwork Inc. (HU) (2011.1.10)
Malicious and huge ssh brute force attack (80 login attempts) focusing on the root password.
109.169.51.194/24(/18) 109.169.51.194 in PC Smart Hosting in RapidSwitch Ltd (GB) (2011.1.10)
Malicious and huge ssh brute force attack (35 login attempts) focusing on the root password.
We received an automatic receipt from PC Smart Hosting. (2011.1.10).
We received a report from PC Smart Hosting. (2011.1.10).
210.72.220.14/14+ 210.72.220.14 in Scientific Research Department of China Aerospace Fifth Academy (GuangZhu Fang, China Aerospace Corporation Communication Center) in httx.com.cn (航天信息网) (CN) (2011.1.9)
Malicious and huge ssh brute force attack (35 login attempts) focusing on the root password.
The contact e-mail address dl@cnnic.net.cn does not work because of '<dl@cnnic.net.cn>: host mail01.cnnic.cn[218.241.105.43] said: 550 #5.1.0 Address rejected dl@cnnic.net.cn (in reply to RCPT TO command)' (2011.1.10)
Add 210.72.0.0/14, 210.76.0.0/15 and 210.78.0.0/16 to the permanent block list.
188.40.95.211/16 188.40.95.211 (mail.financial-mail.de) in financial-mail.de in Hetzner Online AG (DE) (2011.1.9)
Malicious and huge ssh brute force attacks (34 login attempts) focusing on the root password.
We received an automatic receipt from Hetzner Online AG. (2011.1.9).
122.228.208.48/11+ 122.228.208.48 in Wenzhou Xun Network Information Co., Ltd. in CHINANET-ZJ (中国电信杭州分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.1.8)
Malicious and huge ssh brute force attack (154 and more login attempts) focusing on the root password.
Add 112.224.0.0/11, 113.0.0.0/13 and 113.8.0.0/15 to the permanent block list.
219.87.173.25/15 219.87.173.25 (219-87-173-25.static.tfn.net.tw) in Taiwan Fixed Network CO.,LTD. (台灣大電訊) (TW) (2010.12.20 - 2011.1.8)
Malicious and huge ssh brute force attacks (90 login attempts) focusing on the root password.
195.4.12.33/16 195.4.12.33 in TELES AG in freenet Cityline GmbH (DE) (2011.1.8)
Malicious and huge ssh brute force attacks (293 login attempts) focusing on the root password.
208.109.168.14/16 The criminal 208.109.168.14 (ip-208-109-168-14.ip.secureserver.net = www.necos.us) in NECOS Order Entry Tool in GoDaddy.com, Inc. (US) (2011.1.8)
Malicious and huge pop login attacks (5,432 and more login attempts).
This is the 5th attack by 208.109.168.14 (ip-208-109-168-14.ip.secureserver.net = www.necos.us) since Dec 31 2010, Dec 30 2010, Dec 29 2010 and Dec 28 2010.
Add 208.109.0.0/16 to the permanent block list.
203.250.133.230/11 203.250.133.230 (net133-230.paichai.ac.kr) in PaiChai University (배재대학교) (KR) (2011.1.7)
Malicious and huge ssh brute force attack (97 login attempts) focusing on the root password only.
Add 203.224.0.0/11 to the permanent block list.
143.225.115.15/16 143.225.115.15 in Universita' degli Studi di Napoli Federico II in GARR - Italian academic and research network (IT) (2011.1.6-7)
Malicious and huge ssh brute force attacks (46 login attempts) focusing on the root password.
63.218.50.130/13 63.218.50.130 in DNA Communications INC in Beyond The Network America, Inc. in PCCW Global - Beyond The Network America, Inc. (US) (2011.1.7)
Malicious and huge ssh brute force attacks (162 login attempts) focusing on the root password only.
222.237.78.139/13 The criminal 222.237.78.139 (222-237-78-139.tongkni.co.kr) in TONGKNi in SK Broadband Co Ltd (SK브로드밴드) (Hanaro Telecom Inc.) (KR) (2011.1.6)
Malicious and huge ssh brute force attack (117 login attempts) focusing on the root password.
This is the 4th attack by 222.237.78.139 (222-237-78-139.tongkni.co.kr) since Sep 21 2010, Sep 7 2010 and Aug 14 2010.
Add 222.232.0.0/13 to the permanent block list.
203.255.252.166/11 203.255.252.166 in KT Advanced Technology Laboratories in Korea Telecom (KR) (2011.1.6)
Malicious and huge ssh brute force attack (45 login attempts) focusing on the root passowrd.
Add 203.224.0.0/11 to the permanent block list.
212.227.143.73/16 212.227.143.73 (s15349013.onlinehome-server.info) in 1&1 Internet AG (DE) (2011.1.5)
Malicious and huge ssh brute force attacks (410 login attempts).
62.90.2.181/16 62.90.2.181 (62-90-2-181.barak.net.il) in 013 Netvision network (IL) (2011.1.4)
Malicious and huge pop login attacks (66 login attempts).
67.23.234.186/19 67.23.234.186 in HostDime.com, Inc. (US) (2011.1.3)
Malicious and huge ssh brute force attacks (410 login attempts) focusing on the root password.
210.5.251.201/21 210.5.251.201 (210-5-251-201.reverse.newskies.net) in SES WORLD SKIES in New Skies Satellites (HK) (NL) (2011.1.3)
Malicious and huge ssh brute force attacks (836 login attempts) focusing on the root password only.
109.123.101.62/18 109.123.101.62 in UK2.NET (GB) (2011.1.2)
Malicious and huge ssh brute force attacks (200 login attempts) focusing on the root password only.
218.108.63.210/15+ 218.108.63.210 in Kelly Xue (Tian Mu Shan Roa, Hangzhou, Zhejiang, P.R.C) in WASU TV & Communication Holding Co.,Ltd. (CN) (2010.12.31)
Malicious and huge ssh brute force attack (419 login attempts).
Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
208.109.168.14/16 The criminal 208.109.168.14 (ip-208-109-168-14.ip.secureserver.net = www.necos.us) in NECOS Order Entry Tool in GoDaddy.com, Inc. (US) (2010.12.31)
Malicious and huge pop login attacks (57 login attempts).
This is the 4th attack by 208.109.168.14 (ip-208-109-168-14.ip.secureserver.net = www.necos.us) since Dec 30 2010, Dec 29 2010 and Dec 28 2010.
Add 208.109.0.0/16 to the permanent block list.
24.173.218.148/16 24.173.218.148 (rrcs-24-173-218-148.sw.biz.rr.com) in Road Runner HoldCo LLC (US) (2010.12.30)
Malicious and huge ssh brute force attacks (1,321 login attempts) focusing on the root password.
Add 24.173.0.0/16 to the permanent block list.
121.96.34.200/18 121.96.34.200 (www.trinity-healthcare.com) in Trinity Healthcare Services, Inc. in Bayan Broadband (PH) (2010.12.30)
Malicious and huge ssh brute force attacks (373 login attempts).
218.69.106.52/11+ The criminal 218.69.106.52 in China Unicom Tianjin province network (中国联合通信有限公司天津分公司) in China Unicom (中国联通). (CN) (2010.12.30)
Malicious and huge ssh brute force attack (173 login attempts).
This is the 4th attack by 218.69.106.52 since Nov 24 2010, Nov 22 2010 and Aug 12 2010.
Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
208.109.168.14/16 The criminal 208.109.168.14 (ip-208-109-168-14.ip.secureserver.net = www.necos.us) in NECOS Order Entry Tool in GoDaddy.com, Inc. (US) (2010.12.30)
Malicious and huge pop login attacks (352 login attempts).
This is the 3rd attack by 208.109.168.14 (ip-208-109-168-14.ip.secureserver.net = www.necos.us) since Dec 29 2010 and Dec 28 2010.
Add 208.109.0.0/16 to the permanent block list.
119.196.21.224/11 The criminal 119.196.21.224 in Korea Telecom (KR) (2010.12.29)
Malicious and huge ssh brute force attack (2 login attempts) focusing on the root passowrd only.
This is the 4th attack by 119.196.21.224 since Dec 24 2010, Oct 4 2010 and Sep 20 2010.
Add 119.192.0.0/11 to the permanent block list.
175.125.21.228/12 The criminal 175.125.21.228 in SK Broadband Co Ltd (SK브로드밴드) (Hanaro Telecom Inc.) (KR) (2010.12.29)
Malicious and huge ssh brute force attack (168 login attempts).
This is the 3rd attack by 175.125.21.228 since Oct 28 2010 and Oct 13 2010.
Add 175.112.0.0/12 to the permanent block list.
59.53.56.148/11+ The criminal 59.53.56.148 in CHINANET jiangxi province network (江西电信) in CHINA TELECOM (中国电信集团公司) (CN) (2010.12.29)
Malicious and huge ssh brute force attack (28 login attempts) focusing on the root password only.
This is the 5th attack by 59.53.56.148 since Dec 23 2010, Nov 27 2010, Nov 13 2010 and Oct 1-13 2010.
Add 58.30.0.0/15 and 58.32.0.0/11 to the permanent block list.
205.234.228.97/24(/17) 205.234.228.97 in SingleHop, Inc. in Server Central Network (US) (2010.12.29)
Malicious and huge ssh brute force attacks (55 login attempts) focusing on the root password.
208.109.168.14/16 The criminals' host 208.109.168.14 (ip-208-109-168-14.ip.secureserver.net = www.necos.us) in NECOS Order Entry Tool in GoDaddy.com, Inc. (US) (2010.12.29)
Malicious and huge pop login attacks (304 login attempts).
This is the 2nd attack by the criminals' host 208.109.168.14 (ip-208-109-168-14.ip.secureserver.net = www.necos.us) since Dec 28 2010.
Add 208.109.0.0/16 to the permanent block list.
208.109.168.14/16 208.109.168.14 (ip-208-109-168-14.ip.secureserver.net = www.necos.us) in NECOS Order Entry Tool in GoDaddy.com, Inc. (US) (2010.12.28)
Malicious and huge pop login attacks (337 login attempts).
112.140.187.247/22 The criminals' host 112.140.187.247 (247.112.140.187.ds.sparkstation.net) in SPARKSTATION PTE LTD (SG) (2010.12.28)
Malicious and huge ssh brute force attack (233 login attempts) focusing on the root password.
This is the 2nd attack by the criminals' host 112.140.187.247 (247.112.140.187.ds.sparkstation.net) since Dec 27 2010.
  TRKEY entered into our national wide blocking scheme.
178.211.53.85/24 The criminals' host 178.211.53.85 (server-178.211.53.85.as42926.net) in Kalitenet Telekom in Radore Hosting (TR) (2010.12.27)
Malicious and huge ssh brute force attack (708 login attempts).
This is the 2nd attack by the criminals' host 178.211.53.85 (server-178.211.53.85.as42926.net) since Dec 27 2010 (today).
Add 178.211.53.0/24 to the permanent block list.
112.140.187.247/22 112.140.187.247 (247.112.140.187.ds.sparkstation.net) in SPARKSTATION PTE LTD (SG) (2010.12.27)
Malicious and huge ssh brute force attack (80 login attempts) focusing on the root password.
178.211.53.85/24 178.211.53.85 (server-178.211.53.85.as42926.net) in Kalitenet Telekom in Radore Hosting (TR) (2010.12.27)
Malicious and huge ssh brute force attack (94 login attempts).
The contact e-mail address abuse@kalitenet.net.tr does not work because of '<abuse@kalitenet.net.tr>: host 2133306826.pamx1.hotmail.com[65.54.188.109] said: 550 Requested action not taken: mailbox unavailable (in reply to RCPT TO command)' (2010.12.27)
Add 178.211.53.0/24 to the permanent block list.
210.202.34.161/27(/16) 210.202.34.161 (TC210-202-34-161.vdsl.static.apol.com.tw) in Globe Uinon Fnd. Co., Ltd. in Asia Pacific On-line Services Inc. (亞太電信) (TW) (2010.12.26)
Malicious and huge ssh brute force attack (191 and more login attempts) focusing on the root password only.
123.111.128.211/16 123.111.128.211 in SK Broadband Co Ltd (SK브로드밴드) (Hanaro Telecom Inc.) (KR) (2010.12.26)
Malicious and huge ssh brute force attack (439 login attempts) focusing on the root password.
Add 123.111.0.0/16 to the permanent block list.
60.216.5.86/12+ The criminal 60.216.5.86 in CNC Group CHINA169 Shandong Province Network in China Unicom (中国联通) (CN) (2010.12.26)
Malicious and huge ssh brute force attack (49 login attempts) focusing on the root password.
And 60.216.5.86 is also famous for the PHISHING site.
This is the 3rd attack by 60.216.5.86 since Dec 10 2010 and Dec 1 2010.
Add 60.200.0.0/13 and 60.208.0.0/12 to the permanent block list.
116.228.90.134/12 116.228.90.134 (mail.lexvu.com) in Zhang Lei in Shanghai Data Solution Co. (上海数讯信息技术有限公司) (CN) (2010.12.24)
Malicious and huge ssh brute force attack (54 and more login attempts).
Add 116.224.0.0/12 to the permanent block list.
119.196.21.224/11 The criminal 119.196.21.224 in Korea Telecom (KR) (2010.12.24)
Malicious and huge ssh brute force attack (2 login attempts) focusing on the root passowrd only.
This is the 3rd attack by 119.196.21.224 since Oct 4 2010 and Sep 20 2010.
Add 119.192.0.0/11 to the permanent block list.
222.221.2.210/11+ The criminal 222.221.2.210 in CHINANET yunnan province network in CHINA TELECOM (中国电信集团公司) (CN) (2010.12.24)
Malicious and huge ssh brute force attack (1 login attempts) focusing on the root password.
This is the 12th attack by 222.221.2.210 since Nov 11 2010, Sep 24 2010, Sep 12 2010, Jun 29 2010, Feb 9 2010, Dec 16 2009, Jun 1 2009, Apr 30 2009, Feb 26 2009 and Nov 22 2008.
Add 222.168.0.0/13, 222.176.0.0/12 and 222.192.0.0/11 to the permanent block list.
194.140.245.76/24 194.140.245.76 (ah1.ro.autohub.eu) in autohub.eu in Digital IT Consulting SRL (RO) (2010.12.24)
Malicious and huge ssh brute force attack (129 login attempts) focusing on the root password.
202.160.123.147/22 202.160.123.147 in Skydio Pte Ltd (SG) (2010.12.24)
Malicious and huge ssh brute force attack (900 login attempts).
218.232.109.209/13 218.232.109.209 in SK Broadband Co Ltd (SK브로드밴드) (Hanaro Telecom Inc.) (KR) (2010.12.23)
Malicious and huge ssh brute force attack (208 login attempts) focusing on the root password.
Add 218.232.0.0/13 to the permanent block list.
83.170.66.20/18 83.170.66.20 in UK2.NET. (GB) (2010.12.23)
Malicious and huge ssh brute force attack (208 login attempts) focusing on the root password.
We received an automatic receipt from UK2.net. (2010.12.23).
59.53.56.148/11+ The criminal 59.53.56.148 in CHINANET jiangxi province network (江西电信) in CHINA TELECOM (中国电信集团公司) (CN) (2010.12.23)
Malicious and huge ssh brute force attack (7 login attempts) focusing on the root password only.
This is the 4th attack by 59.53.56.148 since Nov 27 2010, Nov 13 2010 and Oct 1-13 2010.
Add 58.30.0.0/15 and 58.32.0.0/11 to the permanent block list.
58.180.49.41/16+ 58.180.49.41 in ONSE Telecom (온세텔레콤) (KR) (2010.12.21, mail error 2010.12.22)
Malicious and huge ssh brute force attack (68 login attempts).
The contact e-mail address onse-ip@matrix.shinbiro.com does not work because of 'This message can't be delivered.' (2010.12.22)
Add 58.180.0.0/16 and 58.181.0.0/18 to the permanent block list.
180.168.6.11/12+ 180.168.6.11 in CHINANET shanghai province network (中国电信上海信息产业(集团)有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.12.21)
Malicious and huge pop login attacks (92 login attempts).
Add 180.152.0.0/13 and 180.160.0.0/12 to the permanent block list.
61.156.20.2/10 61.156.20.2 in www.wfinfo.cn (中国联合网络通信有限公司潍坊市分公司) in China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) (CN) (2010.12.21)
Malicious and huge ssh brute force attack (189 and more login attempts) focusing on the root password.
The contact e-mail address ip@pub.sd.cninfo.net does not work because of '<ip@pub.sd.cninfo.net>: host pub.sd.cninfo.net[218.57.22.48] said: 530 #2175013 Authentication required (in reply to MAIL FROM command)' (2010.12.21)
Add 61.128.0.0/10 to the permanent block list.
66.11.123.195/20 66.11.123.195 (cms.suavemente.net) in Suavemente, INC. (US) (2010.12.19)
Malicious and huge ssh brute force attack (85 and more login attempts) focusing on the root password only.
69.162.114.90/18 The criminals' host 69.162.114.90 (90-114-162-69.reverse.lstn.net = www.jerseyer.com) in the criminals' host jerseyer shop in Limestone Networks, Inc. (US) (2010.12.18)
Malicious and huge ssh brute force attack (391 login attempts) focusing on the root password.
This is the 2nd attack bu the criminals' host 69.162.114.90 (90-114-162-69.reverse.lstn.net = www.jerseyer.com) since Dec 9 2010.
Add 69.162.64.0/18 to the permanent block list.
200.105.202.123/7 200.105.202.123 (static-200-105-202-123.acelerate.net = mail.iseye.com.bo = krypton.iseye.com.bo) in ISE&E S.R.L. in AES Communications Bolivia S.A. (BO) (2010.12.18)
Malicious and huge ssh brute force attack (640 login attempts).
Add 200.0.0.0/7 to the permanent block list.
61.19.255.53/20 61.19.255.53 (thai-report.com) in THAI REPORT SOFTWARE HOUSE in CAT TELECOM Data Comm. Dept, IDC Office (TH) (2010.12.18)
Malicious and huge ssh brute force attack (29 login attempts) focusing on the root password only.
We received an automatic receipt from CAT TELECOM. (2010.12.19).
221.1.80.84/12 The criminals' host 221.1.80.84 in Shouguangshucaiyiyuanshipin in China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) (CN) (2010.12.17)
Malicious and huge pop login attempts (4 login attempts) focusing on the root password.
This is the 2nd attack by the criminals' host 221.1.80.84 since Aug 24-25 2010.
Add 221.0.0.0/12 to the permanent block list.
218.77.8.218/11+ The criminals' host 218.77.8.218 (www.hhtyz.com) in No.1 Railway Middle School (怀化市铁一中) in the criminmals' heaven network CHINA TELECOM HUNAN BRANCH (中国电信湖南公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.12.17)
Malicious and huge ssh brute force attack (9 login attempts) focusing on the root password.
This is the 2nd attack by he criminals' host 218.77.8.218 (www.hhtyz.com) since Nov 19 2010.
Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
202.108.137.62/12+ The criminals' host 202.108.137.62 in China Unicom Beijing province network (中国联合网络通信有限公司北京市分公司) in China Unicom (中国联通) (CN) (2010.12.17)
Malicious and huge ssh brute force attack (208 login attempts) focusing on the root password.
This is the 2nd attack by the criminals' host 202.108.137.62 since Dec 16 2010.
Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
202.108.137.62/12+ 202.108.137.62 in China Unicom Beijing province network (中国联合网络通信有限公司北京市分公司) in China Unicom (中国联通) (CN) (2010.12.16)
Malicious and huge ssh brute force attack (208 login attempts) focusing on the root password.
Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
82.79.76.85/14 82.79.76.85 (www.maramures.insse.ro) in Directia Judeteana de Statistica Maramures in Romania Data Systems (RO) (2010.12.16)
Malicious and huge ssh brute force attack (275 and more login attempts) focusing on the root password only.
The contact e-mail address abuse@rdsnet.ro does not work because of '<abuse@rdsnet.ro>: host mx1.rdsnet.ro[193.231.236.93] said: 551 SPAM. (in reply to RCPT TO command)' (2010.12.16)
Add 82.76.0.0/14 to the permanent block list.
59.25.178.137/11 59.25.178.137 in (jae)daegudijiteolsaneobjinheungwon in Korea Telecom (KR) (2010.12.16)
Malicious and huge ssh brute force attack (46 login attempts) focusing on the root password.
Add 59.0.0.0/11 to the permanent block list.
190.205.157.179/8+ 190.205.157.179 (190-205-157-179.dyn.dsl.cantv.net) in CANTV Servicios, Venezuela (VE) (2010.12.16)
Malicious and huge ssh brute force attack (216 login attempts) focusing on the root password only.
Add 189.0.0.0/8 and 190.0.0.0/8 to the permanent block list.
178.150.125.242/15 178.150.125.242 (242.125.150.178.triolan.net) in UA-EDUNETWORKS in TRIOLAN (UA) (2010.12.15)
Malicious and huge ssh brute force attack (65 and more login attempts) focusing on the root password only.
218.23.82.203/11 The criminal 218.23.82.203 in ANHUI TELECOM in CHINANET Anhui province network in CHINA TELECOM (中国电信集团公司) (CN) (2010.12.15)
Malicious and huge ssh brute force attack (10 login attempts) focusing on the root password only.
This is the 6th attack by 218.23.82.203 since Aug 26 2010, Dec 14 2009, Jun 12 2009, Feb 9 2009 and Jan 21 2009.
Add 218.0.0.0/11 to the permanent block list.
203.172.254.77/18 203.172.254.77 in Ministry of Education Network Operation Center (TH) (2010.12.9 mail error 2010.12.15)
Malicious and huge ssh brute force attack (45 login attempts) focusing on the root password.
The contact e-mail address charnsak@emisc.moe.go.th does not work because of '<charnsak@emisc.moe.go.th>: host emisc.moe.go.th[203.146.15.2] said: 452 4.2.2 Over quota (in reply to end of DATA command)' (2010.12.15)
Add 203.172.192.0/18 to the permanent block list.
173.192.95.66/15 173.192.95.66 (173.192.95.66-static.reverse.softlayer.com) in SoftLayer Technologies Inc. (US) (2010.12.14)
Malicious and huge ssh brute force attack (99 and more login attempts) focusing on the root password.
200.84.26.160/7 200.84.26.160 (200.84.26-160.dyn.dsl.cantv.net) in CANTV Servicios, C.A. (VE) (2010.12.14)
Malicious and huge ssh brute force attack (212 login attempts).
Add 200.0.0.0/7 to the permanent block list.
201.161.48.185/7 201.161.48.185 (201-161-48-185.internetmax.maxcom.net.mx) in GRUPO NACIONAL DE PROMOCION Y VENTAS in Maxcom (MX) (2010.12.14)
Malicious and huge ssh brute force attack (52 login attempts) focusing on the root password.
Add 200.0.0.0/7 to the permanent block list.
180.150.228.142/21+ 180.150.228.142 (www.80port.com) in 80PORT (팔공포트) in EHOSTIDC (이호스트IDC) (KR) (2010.12.13)
Malicious and huge ssh brute force attack (632 and more login attempts).
Add 180.150.192.0/19 and 180.150.224.0/21 to the permanent block list.
61.73.201.189/13+ 61.73.201.189 in jinbubungigug in KOREA TELECOM (KR) (2010.12.13)
Malicious and huge pop login attacks (175 login attempts).
Add 61.72.0.0/13, 61.80.0.0/14 and 61.84.0.0/15 to the permanent block list.
202.141.75.172/17+ 202.141.75.172 in Education and Research Network India (IN) (2010.12.13)
Malicious and huge ssh brute force attack (68 login attempts).
41.128.64.167/16 41.128.64.167 (host-41-128-64-167.static.link.com.eg) in Link Egypt (EG) (2010.12.12)
Malicious and huge ssh brute force attack (1,798 login attempts).
202.107.228.137/12+ The criminals' host 202.107.228.137 in Jinhua Telecommunication Co.ltd in CHINANET-ZJ Jinhua (中国电信杭州分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.12.12)
Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password only.
This is the 3rd attack by the criminals' host 202.107.228.137 since Jun 10 2010 and Jan 18 2010
Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
61.43.42.13/14+ 61.43.42.13 in LG DACOM Corporation (LG유플러스) (KR) (2010.12.12)
Malicious and huge ssh brute force attack (3,037 login attempts).
Add 61.32.0.0/13 and 61.40.0.0/14 to the permanent block list.
211.115.89.47/13+ 211.115.89.47 (ns.medicalad.com) in MEDICALADC (메디칼애드) in gabia (가비아) in LG DACOM KIDC (LG유플러스 KIDC) (KR) (2010.12.12)
Malicious and huge ssh brute force attack (3,254 login attempts).
The contact e-mail address liy@gabia.com expanded from security@gabia.com not work because of '<liy@gabia.com>: Sorry, no mailbox here by that name. (#5.1.1)' (2010.12.12)
Add 211.104.0.0/13 and 211.112.0.0/13 to the permanent block list.
219.238.180.99/12+ 219.238.180.99 in Beijing SHOU XIN GU FEN CO.LTD (Dongcheng Distric, Beijing) in Pang Patrick (bill.pang@bj.datadragon.net) (CN) (2010.12.11)
Malicious and huge ssh brute force attack (93 login attempts).
Add 219.216.0.0/13 and 219.224.0.0/12 to the permanent block list.
208.43.99.198/29(/16) 208.43.99.198 (208.43.99.198-static.reverse.softlayer.com) in Flexi e-Solutions Pty Ltd in SoftLayer Technologies Inc. (US) (2010.12.11)
Malicious and huge ssh brute force attack (142 login attempts) focusing on the root password.
We received a receipt from Flexi e-Solutions Pty Ltd. (2010.12.12).
We received a good report from Flexi e-Solutions Pty Ltd. (2010.12.13).
123.147.247.121/12+ 123.147.247.121 in China Unicom Chongqing province network (中国联通重庆分公司) in China Unicom (中国联通) (2010.12.11)
Malicious and huge ssh brute force attack (50 login attempts) focusing on the root password only.
Add 123.144.0.0/12 and 123.160.0.0/12 to the permanent block list.
We received a good report from China Unicom Chongqing province network. (2010.12.13).
218.107.139.2/14+ The criminal 218.107.139.2 in China Unicom Beijing province network (中国联合网络通信有限公司北京市分公司) in China Unicom (中国联通) (CN) (2010.12.11)
Malicious and huge ssh brute force attack (2 login attempts).
This is the 10th attack by 218.107.139.2 since May 1 2010, Feb 10 2010, Feb 8 2010, Feb 7 2010 (twice), Feb 3 2010, Dec 25 2009, Dec 11 2009 and Dec 7 2009.
Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
217.21.112.41/20 217.21.112.41 (mail.access350.co.ke) in Swift Global (K) Ltd (KE) (2010.12.10)
Malicious and huge ssh brute force attack (860 login attempts).
We received a report from Swift Global (K) Ltd. (2010.12.14).
120.204.195.111/10 120.204.195.111 in China Mobile Communications Corporation (中国移动通信) (CN) (2010.12.10)
Malicious and huge ssh brute force attack (115 login attempts) focusing on the root password.
Add 120.192.0.0/10 to the permanent block list.
209.160.20.69/18+ 209.160.20.69 in HopOne Internet Corporation (US) (2010.12.10)
Malicious and huge ssh brute force attack (45 login attempts) focusing on the root password.
We received a receipt from HopOne Internet Corporation. (2010.12.10).
60.216.5.86/12+ The criminals' host 60.216.5.86 in CNC Group CHINA169 Shandong Province Network in China Unicom (中国联通) (CN) (2010.12.10)
Malicious and huge ssh brute force attack (49 login attempts) focusing on the root password.
And 60.216.5.86 is also famous for the PHISHING site.
This is the 2nd attack by the criminals' host 60.216.5.86 since Dec 1 2010.
Add 60.200.0.0/13 and 60.208.0.0/12 to the permanent block list.
165.139.40.1/16 165.139.40.1 in Indiana Department of Education in Educaiotn Networks in America (US) (2010.12.10)
Malicious and huge ssh brute force attack (1,107 login attempts) focusing on the root password only.
218.30.5.19/11 The criminal 218.30.5.19 in the crimianl CHINANET backbone network in CHINA TELECOM (中国电信集团公司) (CN) (2010.12.10)
Malicious and huge ssh brute force attack (223 login attempts).
This is the 5th attack by 218.30.5.19 since Dec 6 2010, Nov 27 2010, Nov 21 2010 and Nov 19 2010.
Add 218.0.0.0/11 to the permanent block list.
69.162.114.90/18 69.162.114.90 (90-114-162-69.reverse.lstn.net = www.jerseyer.com) in jerseyer shop in Limestone Networks, Inc. (US) (2010.12.9)
Malicious and huge ssh brute force attack (391 login attempts) focusing on the root password.
187.17.73.180/7 187.17.73.180 (187-17-73-180.whservidor.com) in Universo Online S.A. (BR) (2010.12.8)
Malicious and huge ssh brute force attack (48 and more login attempts) focusing on the root password only.
Add 186.0.0.0/7 to the permanent block list.
217.67.237.34/19 217.67.237.34 (stream1.traffichosting.nl) in GrafiX Internet B.V. (NL) (2010.12.8)
Malicious and huge ssh brute force attack (41 login attempts) focusing on the root password only.
66.109.17.4/20 66.109.17.4 in Galaxyvisions Inc (US) (2010.12.8)
Malicious and huge ssh brute force attack (44 login attempts) focusing on the root password.
122.155.7.224/20 122.155.7.224 in CAT TELECOM Data Comm. Dept, IDC Office (TH) (2010.12.8)
Malicious and huge ssh brute force attack (3,245 and more login attempts).
71.9.23.233/28(/13) 71.9.23.233 (71-9-23-233.static.reno.nv.charter.com) in Sierra Nevada College in Charter Communications (US) (2010.12.8)
Malicious and huge ssh brute force attack (531 login attempts) focusing on the root password.
We received a receipt from Charter High-Speed Internet Security Team. (2010.12.8).
121.88.249.125/16 121.88.249.125 in KuRO TV in C&M Communication Co.,Ltd. ((주)씨앤앰) (KR) (2010.12.7)
Malicious and huge ssh brute force attack (92 and more login attempts).
Add 121.88.0.0/16 to the permanent block list.
64.235.44.176/19 64.235.44.176 (palscoupons.com) in palscoupons.com in Las Vegas NV Datacenter in PremiaNet (US) (2010.12.7)
Malicious and huge ssh brute force attack (45 login attempts) focusing on the root password.
123.183.211.82/14+ The criminals' host 123.183.211.82 (visoole.com) in CHINANET hebei province network in CHINA TELECOM (CN) (2010.12.7)
Malicious and huge ssh brute force attack (83 and more login attempts).
This is the 2nd attack by the criminals' host 123.183.211.82 (visoole.com) since Oct 13 2010.
The contact e-mail address hostmaster@hbtele.com does not work because of '<hostmaster@hbtele.com>: host hbtele.com[219.148.62.207] said: 550 5.7.1 Message rejected as spam by Content Filtering. (in reply to end of DATA command)' (2010.12.7)
Add 123.177.0.0/16, 123.178.0.0/15, 123.180.0.0/14 and 123.184.0.0/13 to the permanent block list.
218.30.15.215/11 The criminal 218.30.15.215 in the criminals' netowrk CHINANET backbone network in the criminals' netowrk CHINA TELECOM (中国电信集团公司) (CN) (2010.12.6)
Malicious and huge ssh brute force attack (2 login attempts).
This is the 3rd attack by 218.30.15.215 since Dec 5 2010 and Nov 27 2010.
Add 218.0.0.0/11 to the permanent block list.
218.30.5.19/11 The criminal 218.30.5.19 in the crimianl CHINANET backbone network in CHINA TELECOM (中国电信集团公司) (CN) (2010.12.6)
Malicious and huge ssh brute force attack (1,093 login attempts).
This is the 4th attack by 218.30.5.19 since Nov 27 2010, Nov 21 2010 and Nov 19 2010.
Add 218.0.0.0/11 to the permanent block list.
27.111.191.154/19 27.111.191.154 in Equinix Asia Pacific Pte Ltd (HK) (2010.12.6)
Malicious and huge ssh brute force attack (265 login attempts).
121.14.34.52/13+ 121.14.34.52 in beijingxijiehuanqiukejiyouxiang in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.12.6)
Malicious and huge ssh brute force attack (77 and more login attempts).
The contact e-mail address ipadm@gddc.com.cn does not work because of 'host 127.0.0.1[127.0.0.1] said: 550 amount exceed mailbox quota (in reply to end of DATA 20command)' (2010.12.6)
Add 121.8.0.0/13, 121.16.0.0/12, 121.32.0.0/13 and 121.40.0.0/14 to the permanent block list.
67.231.254.17/20 67.231.254.17 (67-231-254-17.turnkeyinternet.net) in Turnkey Internet Inc (US) (2010.12.6)
Malicious and huge pop login attacks (76 login attempts).
58.254.151.99/12 58.254.151.99 in China Unicom Guangdong province network (中国联通广东分公司) in China Unicom (中国联通) (CN) (2010.12.6)
Malicious and huge ssh brute force attack (81 and more login attempts).
Add 58.240.0.0/12 to the permanent block list.
218.30.15.215/11 The criminals' host 218.30.15.215 in the criminals' heaven netowrk CHINANET backbone network in the criminals' heaven netowrk CHINA TELECOM (中国电信集团公司) (CN) (2010.12.5)
Malicious and huge ssh brute force attack (100 login attempts).
This is the 2nd attack by the criminals' host 218.30.15.215 since Nov 27 2010.
Add 218.0.0.0/11 to the permanent block list.
77.221.156.210/19 77.221.156.210 (77.221.156.210.addr.datapoint.ru) in INFOBOX (RU) (2010.12.4-5)
Malicious, huge and low frequency (per 4 minutes) ssh brute force attack (207 and more login attempts).
221.122.58.228/15 221.122.58.228 in CECT-CHINACOMM COMMUNICATIONS Co.,Ltd. (中电华通通信有限公司) (CN) (2010.11.28, mail error 2010.12.4)
Malicious and huge ssh brute force attack (84 login attempts) focusing on the root password.
CECT-CHINACOMM COMMUNICATIONS Co.,Ltd. is also famous as spammer's network.
The contact e-mail address ipmaster@cect-chinacomm.com does not work because of '<ipmaster@cect-chinacomm.com>: host smtp.cect-chinacomm.com.cn[211.157.102.72] said: 452 Invalid sender: our@mail.address (in reply to MAIL FROM command)' (2010.12.4)
Add 221.122.0.0/15 to the permanent block list.
89.106.25.98/19 The criminal 89.106.25.98 (mail.sugraphic.com) in sugraphic.com in Grid Telekom (TR) (2010.12.3)
Malicious and huge ssh brute force attack (167 login attempts) focusing on the root password only.
This is the 4th attack by 89.106.25.98 (mail.sugraphic.com) since Oct 24 2010, Oct 23 2010 and May 27 2010.
Add 89.106.0.0/19 to the permanent block list.
118.102.26.164/20 118.102.26.164 in Langfang Development Area Huarui Xintong Network Technology Co., Ltd. (CN) (2010.12.3)
Malicious and huge ssh brute force attack (186 login attempts).
Add 118.102.16.0/20 to the permanent block list.
200.99.112.134/7 200.99.112.134 in TRIP INFORMATICA LTDA (BR) (2010.12.3)
Malicious and huge ssh brute force attack (419 login attempts).
This is the 2nd attack by 200.99.112.134 since Feb 21 2010.
Add 200.0.0.0/7 to the permanent block list.
87.194.19.213/23 87.194.19.213 in O2 Broadband (GB) (2010.12.2-3)
Malicious and huge ssh brute force attack (1,160 login attempts).
203.129.220.220/21 203.129.220.220 in TKMITAU13415 in Software Technology Parks of India (IN) (2010.12.2)
Malicious and huge ssh brute force attack (41 login attempts) focusing on the root password.
95.154.241.61/23+(/18) The criminal 95.154.241.61 in iDeal Hosting (TR) in RapidSwitch Ltd (GB) (2010.12.2)
Malicious and huge pop login attacks (51 login attempts).
This is the 3rd attack by 95.154.241.61 since Dec 1 2010 and Nov 20 2010.
The contact e-mail address abuse@idealhosting.net.tr does not work because of 'pipe to |/home/panelid/public_html/cli/cli.php generated by abuse@panel.idealhosting.net.tr (ultimately generated from abuse@idealhosting.net.tr) local delivery failed' (2010.12.3)
Add 95.154.236.0/23, 95.154.240.0/23, 95.154.242.0/24 and 95.154.248.0/22 to the permanent block list.
122.219.128.185/12 122.219.128.185 (122x219x128x185.ap122.ftth.ucom.ne.jp) in TKMITAU13415 in UCOM Corporation (JP) (2010.12.2)
Malicious and huge ssh brute force attack (5,310 login attempts).
We received a receipt from UCOM Corporation. (2010.12.2).
66.240.234.108/18 66.240.234.108 (fc7234108.aspadmin.net) in aspadmin.net in CariNet, Inc. (US) (2010.12.1)
Malicious and huge ssh brute force attack (64 login attempts) focusing on the root password.
222.76.149.201/11+ The criminals' host 222.76.149.201 in CHINANET fujian province network (中国电信福建分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.12.1)
Malicious and huge ssh brute force attack (3 login attempts) focusing on the root password only.
This is the 2nd attack by the criminals' host 222.76.149.201 since Nov 25 2010.
Add 222.16.0.0/12, 222.32.0.0/11 and 222.64.0.0/11 to the permanent block list.
60.216.5.86/12+ 60.216.5.86 in CNC Group CHINA169 Shandong Province Network in China Unicom (中国联通) (CN) (2010.12.1)
Malicious and huge ssh brute force attack (49 login attempts) focusing on the root password.
And 60.216.5.86 is also famous for the PHISHING site.
Add 60.200.0.0/13 and 60.208.0.0/12 to the permanent block list.
123.30.183.120/18(/15) 123.30.183.120 (static.vdc.vn) in VietNam Post and Telecom Corporation (VNPT) in VietNam Data Communication Company (VDC) (VN) (2010.12.1)
Malicious and huge ssh brute force attack (15 login attempts) focusing on the root password.
This is the 2nd attack by 123.30.183.120 (static.vdc.vn) since Nov 11 2010-Dec 1 2010.
123.30.183.120/18(/15) 123.30.183.120 (static.vdc.vn) in VietNam Post and Telecom Corporation (VNPT) in VietNam Data Communication Company (VDC) (VN) (2010.11.11-2010.12.1)
Malicious and huge ssh brute force attack (45 login attempts) focusing on the root password.
95.154.241.61/23+(/18) The criminals' host 95.154.241.61 in iDeal Hosting (TR) in RapidSwitch Ltd (GB) (2010.12.1)
Malicious and huge pop login attacks (656 login attempts).
This is the 2nd attack by the criminals' host 95.154.241.61 since Nov 20 2010.
The contact e-mail address abuse@idealhosting.net.tr does not work because of 'pipe to |/home/panelid/public_html/cli/cli.php generated by abuse@panel.idealhosting.net.tr (ultimately generated from abuse@idealhosting.net.tr) local delivery failed' (2010.12.1)
Add 95.154.236.0/23, 95.154.240.0/23, 95.154.242.0/24 and 95.154.248.0/22 to the permanent block list.
121.9.205.79/13+ The criminal 121.9.205.79 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.30)
Malicious and huge ssh brute force attack (110 and more login attempts).
This is the 3rd attack by 121.9.205.79 since Nov 19 2010 (twice).
The contact e-mail address ipadm@gddc.com.cn does not work because of 'host 127.0.0.1[127.0.0.1] said: 550 amount exceed mailbox quota (in reply to end of DATA 20command)' (2010.11.30)
Add 121.8.0.0/13, 121.16.0.0/12, 121.32.0.0/13 and 121.40.0.0/14 to the permanent block list.
190.68.110.26/8+ 190.68.110.26 in COLOMBIA TELECOMUNICACIONES S.A. ESP (CO) (2010.11.30)
Malicious and huge ssh brute force attack (353 and more login attempts).
Add 189.0.0.0/8 and 190.0.0.0/8 to the permanent block list.
83.169.32.135/18 83.169.32.135 (www.hnf-hq.de = crosscountrynordheide.de) in CrossCountryNordheide = CrossCountryNordheide in Host Europe GmbH (DE) (2010.11.30)
Malicious and huge ssh brute force attack (1,071 login attempts) focusing on the root password.
221.181.1.155/13+ The criminal 221.181.1.155 in China Mobile Communications Corporation (中国移动通信) (CN) (2010.11.30)
Malicious and huge ssh brute force attack (1 login attempts).
This is the 5th attack by 221.181.1.155 since Nov 18 2010, Oct 25 2010, Sep 27 2010 and Sep 16 2010.
Add 221.172.0.0/14 and 221.176.0.0/13 to the permanent block list.
95.154.241.61/18 95.154.241.61 in iDeal Hosting (TR) in RapidSwitch Ltd (GB) (2010.11.29)
Malicious and huge pop login attacks (337 login attempts).
65.98.11.2/17 65.98.11.2 in Fortress Integrated Technologies (US) (2010.11.28)
Malicious and huge ssh brute force attack (135 login attempts) focusing on the root password.
173.192.213.20/15 173.192.213.20 in SoftLayer Technologies Inc. (US) (2010.11.28)
Malicious and huge ssh brute force attack (442 login attempts) focusing on the root password.
220.227.15.141/14 The criminals' host 220.227.15.141 in Reliance Communications Ltd (IN) (2010.10.28)
Malicious and huge ssh brute force attack (31 login attempts) focusing on the root password.
This is the 2nd attack by the criminals' host 220.227.15.141 since Oct 14 2010.
Add 220.224.0.0/14 to the permanent block list.
148.243.170.193/13+ 148.243.170.193 (na-148-243-170-193.static.avantel.net.mx = www.wc.com.mx = www.masco.com.mx = www.pidsa.com = www.llaves.com.mx = www.fillpro.com = www.mcgiver.com.mx = www.renueva.com = www.mascomex.mx = www.mascomex.biz = www.mascomex.com = www.mascomex.net = www.plomeria.com.mx = www.comolousas.com) in MASCOMEX S.A. DE C.V. in Axtel S.A.B. de C.V. (MX) (2010.11.28)
Malicious and huge pop login attacks (67 login attempts).
No contact email address.
Add 148.201.0.0/16, 148.202.0.0/15, 148.204.0.0/14, 148.208.0.0/12, 148.224.0.0/12, 148.240.0.0/13, 148.248.0.0/15 and 148.250.0.0/16 to the permanent block list.
114.80.200.116/12+ The criminals' host 114.80.200.116 in CHINANET shanghai province network (中国电信上海信息产业(集团)有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.28)
Malicious and huge pop login attacks (67 login attempts).
This is the 2nd attack by the criminals' host 114.80.200.116 since Oct 18 2010.
Add 114.80.0.0/12, 114.96.0.0/13 and 114.104.0.0/14 to the permanent block list.
67.212.68.32/19 67.212.68.32 in Netelligent Hosting Services Inc. (CA) (2010.11.27)
Malicious and huge ssh brute force attack (167 login attempts) focusing on the root password.
We received a report from Netelligent Hosting Services. (2010.11.30).
218.30.5.19/11 The criminal 218.30.5.19 in the crimianls' network CHINANET backbone network in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.27)
Malicious and huge ssh brute force attack (563 login attempts).
This is the 3rd attack by 218.30.5.19 since Nov 21 2010 and Nov 19 2010.
Add 218.0.0.0/11 to the permanent block list.
114.112.178.75/13 114.112.178.75 in Putian (Xinxi Road, Shangdi, Haidian district, Beijingg) in 163.com (网易公司) (CN) (2010.11.27)
Malicious and huge ssh brute force attack (168 login attempts).
Add 114.112.0.0/13 to the permanent block list.
218.108.231.34/15+ 218.108.231.34 in WASU TV & Communication Holding Co.,Ltd. (CN) (2010.11.22, mail error 2010.11.27)
Malicious and huge ssh brute force attack (68 and more login attempts).
The contact e-mail address allon@chinahcn.com does not work because of '<allon@chinahcn.com>: connect to smg.chinahcn.com[218.108.250.184]: Connection refused' (2010.11.27)
Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
218.30.15.215/11 218.30.15.215 in CHINANET backbone network in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.27)
Malicious and huge ssh brute force attack (169 login attempts).
Add 218.0.0.0/11 to the permanent block list.
59.53.56.148/11+ The criminal 59.53.56.148 in CHINANET jiangxi province network (江西电信) in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.27)
Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password.
This is the 3rd attack by 59.53.56.148 since Nov 13 2010 and Oct 1-13 2010.
Add 58.30.0.0/15 and 58.32.0.0/11 to the permanent block list.
148.208.217.77/12+ 148.208.217.77 in Secretaria de Educacion e Investigacion Tecnologic in the crimials' heaven network INFOTEC. (MX) (2010.11.21-22, mail error 2010.11.27)
Malicious and huge ssh brute force attack (1,473 login attempts).
The contact e-mail address eccmy@ZEUS.RTN.NET.MX does not work because of '<eccmy@ZEUS.RTN.NET.MX>: connect to ZEUS.RTN.NET.MX[204.153.24.7]: Connection timed out' (2010.11.27)
Add 148.201.0.0/16, 148.202.0.0/15, 148.204.0.0/14, 148.208.0.0/12, 148.224.0.0/12,148.240.0.0/13, 148.248.0.0/15 and 148.250.0.0/16 to the permanent block list.
190.82.80.114/8+ 190.82.80.114 (190-82-80-114.static.tie.cl = ns.agenciajvr.cl) in Agencia de Aduanas in Telefonica Empresas (CL) (2010.11.26)
Malicious and huge ssh brute force attack (1,491 and more login attempts).
Add 189.0.0.0/8 and 190.0.0.0/8 to the permanent block list.
202.102.108.11/12+ 202.102.108.11 in CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.16-25)
Malicious and huge ssh brute force attack (54 login attempts).
Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
218.85.135.103/11+ 218.85.135.103 in CHINANET fujian province network (中国电信福建分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.25)
Malicious and huge ssh brute force attack (266 and more connect attempts).
Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
222.76.149.201/11+ 222.76.149.201 in CHINANET fujian province network (中国电信福建分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.25)
Malicious and huge ssh brute force attack (118 login attempts) focusing on the root password only.
Add 222.16.0.0/12, 222.32.0.0/11 and 222.64.0.0/11 to the permanent block list.
218.69.106.52/11+ The criminal 218.69.106.52 in the criminals' netwoerk China Unicom Tianjin province network (中国联合通信有限公司天津分公司) in China Unicom (中国联通). (CN) (2010.11.24)
Malicious and huge ssh brute force attack (1 login attempts).
This is the 3rd attack by 218.69.106.52 since Nov 22 2010 and Aug 12 2010.
Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
222.33.200.210/11+ 222.33.200.210 in CHINA RAILWAY TELECOMMUNICATIONS (中国铁通) (CN) (2010.11.24)
Malicious and huge ssh brute force attack (663 login attempts) focusing on the root password.
Add 222.16.0.0/12, 222.32.0.0/11 and 222.64.0.0/11 to the permanent block list.
203.126.53.110/18 The criminals' host 203.126.53.110 in Singapore Telecommunications Ltd. (SG) (2010.11.24)
Malicious and huge ssh brute force attack (488 login attempts).
This is the 2nd attack by the criminals' host 203.126.53.110 since Nov 6 2010.
Add 203.126.0.0/18 to the permanent block list.
61.168.227.12/10 The crimial 61.168.227.12 (pc12.zz.ha.cn) in the world no.1 criminals' paradise China Unicom Henan province network (中国联通河南省分公司) in China Unicom (中国联通) (CN) (2010.11.24)
Malicious and huge ssh brute force attack (300 login attempts) focusing on the root password.
This is the 19th attack by the crimial 61.168.227.12 (pc12.zz.ha.cn) since Oct 22 2010, Sep 22 2010, Aug 28 2010, Aug 1 2010, Jun 19 2010, Jun 17 2010, May 25 2010, May 19 2010, Apr 22 2010, Mar 26 2010, Feb 18 2010, Jan 26 2010, Jan 18 2010, Dec 24 2009, Dec 17 2009, Oct 2 2009, Sep 26 2009 and Sep 22 2009.
The contact e-mail address abuse@public.zz.ha.cn does not work because of '<abuse@public.zz.ha.cn>: 收信人邮箱空间不足。 The user's space has been used up.' (2010.11.25)
Add 61.128.0.0/10 to the permanent block list.
210.51.57.252/16+ The criminals' host 210.51.57.252 in Shanghai Caohejing IDC of China Netcom in China Unicom (中国联通) (CN) (2010.11.19, mail error 2010.11.24)
Malicious and huge ssh brute force attack (44 login attempts) focusing on the root password.
This is the 2nd attack by the criminals' host 210.51.57.252 since Nov 5-15 2010.
The contact e-mail address qianyp@china-netcom.com does not work because of '<qianyp@china-netcom.com>: connect to china-netcom.com[210.53.66.251]: Connection timed out' (2010.11.24)
Add 210.51.0.0/16 and 210.52.0.0/15 to the permanent block list.
216.59.3.102/18 216.59.3.102 in FiberMAX Networks in Netriplex LLC (US) (2010.11.23)
Malicious and huge ssh brute force attack (75 and more login attempts).
We received a receipt from Netriplex LLC. (2010.11.23).
122.194.111.7/14 122.194.111.7 in China Unicom Jiangsu province network (中国联合通信有限公司江苏分公司) in China Unicom (中国联通). (CN) (2010.11.23)
Malicious and huge ssh brute force attack (260 and more login attempts).
Add 122.192.0.0/14 to the permanent block list.
35.9.26.235/15+ 35.9.26.235 (cps-26-235.cse.msu.edu) in Michigan State University. (US) (2010.11.23)
Malicious and huge ssh brute force attack (895 login attempts) focusing on the root password only.
80.96.135.134/23 80.96.135.134 (online-station6.minisat.ro) in the crimianls' heaven network SC Minisat srl (Trgoviste, Romania) (RO) (2010.11.22)
Malicious and huge smtp relay attmpts (20 attempts).
No contact e-mail address.
Add 80.96.134.0/23 to the permanent block list.
116.127.94.228/13 116.127.94.228 in SK Broadband Co Ltd (SK브로드밴드) (Hanaro Telecom Inc.) (KR) (2010.11.22)
Malicious and huge ssh brute force attack (520 login attempts) focusing on the root password only.
Add 116.120.0.0/13 to the permanent block list.
218.69.106.52/11+ The criminals' host 218.69.106.52 in the criminals' heaven netwoerk China Unicom Tianjin province network (中国联合通信有限公司天津分公司) in China Unicom (中国联通). (CN) (2010.11.22)
Malicious and huge ssh brute force attack (1 login attempts).
This is the 2nd attack by the criminals' host 218.69.106.52 since Aug 12 2010.
Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
116.55.227.91/14+ 116.55.227.91 (91.227.55.116.broad.km.yn.dynamic.163data.com.cn) in CHINANET yunnan province network (ynipm@126.com 136 beijin roadkunming, china) in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.22)
Malicious and huge ssh brute force attack (116 and more login attempts) focusing on the root password only.
The contact e-mail address ynipm@126.com does not work because of '<ynipm@126.com>: host 126mx01.mxmail.netease.com[220.181.15.140] said: 550 User not found: ynipm@126.com (in reply to RCPT TO command)' (2010.11.22)
Add 116.52.0.00/14 and 116.56.0.00/15 to the permanent block list.
218.30.5.19/11 The criminals' host 218.30.5.19 in the crimianls' heaven network CHINANET backbone network in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.21)
Malicious and huge ssh brute force attack (30 login attempts).
This is the 2nd attack by the criminals' host 218.30.5.19 since Nov 19 2010.
Add 218.0.0.0/11 to the permanent block list.
70.39.119.76/18 70.39.119.76 in SHARKTECH INTERNET SERVICES. (US) (2010.11.20)
Malicious and huge pop login attacks (35 and more login attempts).
183.182.90.30/22 183.182.90.30 in Kaizen Infonet Pvt. Ltd.. (IN) (2010.11.20)
Malicious and huge ssh brute force attack (5 login attempts) focusing on the root password only.
This is the 2nd attack by 183.182.90.30 since Nov 20 2010 (today).
222.221.2.210/11+ The criminal 222.221.2.210 in CHINANET yunnan province network in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.20)
Malicious and huge ssh brute force attack (71 login attempts).
This is the 11th attack by 222.221.2.210 since Sep 24 2010, Sep 12 2010, Jun 29 2010, Feb 9 2010, Dec 16 2009, Jun 1 2009, Apr 30 2009, Feb 26 2009 and Nov 22 2008.
Add 222.168.0.0/13, 222.176.0.0/12 and 222.192.0.0/11 to the permanent block list.
210.51.57.252/16+ 210.51.57.252 in Shanghai Caohejing IDC of China Netcom in China Unicom (中国联通) (CN) (2010.11.5-15, mail error 2010.11.20)
Malicious and huge ssh brute force attack (39 login attempts) focusing on the root password.
The contact e-mail address qianyp@china-netcom.com does not work because of '<qianyp@china-netcom.com>: connect to china-netcom.com[210.53.66.251]: Connection timed out' (2010.11.20)
Add 210.51.0.0/16 and 210.52.0.0/15 to the permanent block list.
183.182.90.30/22 183.182.90.30 in Kaizen Infonet Pvt. Ltd.. (IN) (2010.11.20)
Malicious and huge ssh brute force attack (39 login attempts) focusing on the root password only.
121.9.205.79/13+ The criminals' host 121.9.205.79 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.19)
Malicious and huge ssh brute force attack (23 login attempts).
This is the 2nd attack by the criminals' host 121.9.205.79 since Nov 19 2010 (today).
The contact e-mail address ipadm@gddc.com.cn does not work because of 'host 127.0.0.1[127.0.0.1] said: 550 amount exceed mailbox quota (in reply to end of DATA 20command)' (2010.11.19)
Add 121.8.0.0/13, 121.16.0.0/12, 121.32.0.0/13 and 121.40.0.0/14 to the permanent block list.
121.9.205.79/13+ 121.9.205.79 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.19)
Malicious and huge ssh brute force attack (2,410 login attempts).
The contact e-mail address ipadm@gddc.com.cn does not work because of 'host 127.0.0.1[127.0.0.1] said: 550 amount exceed mailbox quota (in reply to end of DATA 20command)' (2010.11.19)
Add 121.8.0.0/13, 121.16.0.0/12, 121.32.0.0/13 and 121.40.0.0/14 to the permanent block list.
58.211.197.18/11 58.211.197.18 in Zhangjiagang Free Trade Zone Bestech Network Technology co.,ltd in CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.19)
Malicious and huge ssh brute force attack (329 and more login attempts) focusing on the root password.
The contact e-mail address abuse@public1.sz.js.cn does not work because of '<abuse@public1.sz.js.cn>: host c60.jsmail.com.cn[61.155.13.170] said: 553 From <our mail address>, message blocked, RemoteSenderAuth=-1 restriction, remote user is not allowed. (in reply to MAIL FROM command)' (2010.11.19)
Add 58.192.0.0/11 to the permanent block list.
218.77.8.218/11+ 218.77.8.218 (www.hhtyz.com) in No.1 Railway Middle School (怀化市铁一中) in CHINA TELECOM HUNAN BRANCH (中国电信湖南公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.19)
Malicious and huge ssh brute force attack (1,192 and more login attempts).
Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
218.30.5.19/11 218.30.5.19 in CHINANET backbone network in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.19)
Malicious and huge ssh brute force attack (3,512 login attempts).
Add 218.0.0.0/11 to the permanent block list.
221.181.1.155/13+ The criminal 221.181.1.155 in China Mobile Communications Corporation (中国移动通信) (CN) (2010.11.18)
Malicious and huge ssh brute force attack (439 login attempts) focusing on the root password.
This is the 4th attack by 221.181.1.155 since Oct 25 2010, Sep 27 2010 and Sep 16 2010.
The contact e-mail address lfd@cert.org.cn redirected from cncert@cert.org.cn does not work because of '<cncertcc@cert.org.cn>: forward to lfd@cert.org.cn to inbox : maildrop: maildir over quota.' (2010.11.18)
Add 221.172.0.0/14 and 221.176.0.0/13 to the permanent block list.
61.146.115.75/10 61.146.115.75 in SHI POLICE OFFICE in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2010.11.18)
Malicious and huge ssh brute force attack (116 login attempts) focusing on the root password.
The contact e-mail address abuse@gddc.com.cn does not work because of 'host 127.0.0.1[127.0.0.1] said: 550 amount exceed mailbox quota (in reply to end of DATA command)' (2010.11.18)
And the contact e-mail address ipadm@gddc.com.cn does not work because of 'host 127.0.0.1[127.0.01] said: 550 amount exceed mailbox quota (in reply to end of DATA command)' (2010.11.18)
Add 61.128.0.0/10 to the permanent block list.
210.171.169.140/21 210.171.169.140 (chaco.elife.co.jp) in eLife, inc.. in ParkNet Inc.. (JP) (2010.11.18)
Malicious and huge ssh brute force attack (279 login attempts).
We received a rapid and good response from ParkNet Inc. (2010.11.18).
202.28.120.226/15 The criminals' host 202.28.120.226 in UniNet (Inter-university network). (TH) (2010.11.17)
Malicious and huge ssh brute force attack (15 login attempts) focusing on the root password.
This is the 2nd attack by tThe criminals' host 202.28.120.226 since Oct 16-25 2010.
Add 202.28.0.0/15 to the permanent block list.
networks permanently rejected
24.123.0.0/17
24.173.0.0/16
24.199.39.226/18
24.199.204.175/17
69.134.205.250/14
68.205.122.176/13
70.60.0.0/14
Road Runner (US)
41.78.76.0/22
Powertel Communications (Zimbabwe) (ZW)
58.64.0.0/17
Advance Datanetwork Communications Co.,Ltd. (TH)
58.68.0.0/17
Dishnet Wireless Limited (IN)
59.106.49.96/27
日本空間情報技術株式会社 (JP)
59.148.0.0/15
City Telecom (H.K.) Ltd. (HK)
60.198.0.0/15
Taiwan Fixed Network CO.,LTD. (台灣大電訊) (TW)
61.7.128.0/17
CAT Telecom (TH)
61.16.128.0/17
TATA Communications Internet Services Ltd (IN)
61.59.0.0/16
Seednet / Digital United Inc. (TW)
61.90.0.0/15
True Corporation (TH)
61.199.200.80/29
Vector International (ベクターインターナショナル株式会社) (JP)
62.26.219.0/24
JSis Network Solutions (DE)
62.39.117.136/29
OLYMPIQUE DE MARSEILLE (FR)
62.63.64.0/18
ArtX (RU)
62.72.110.116/19
Respons Advertising BVBA in COLT-BE (BE)
62.75.128.0/17
plusserver (intergenia AG)
62.81.241.208/29
Colegio Oficial de ingenieros Tecnicos Industriales in Ono.com (ES)
62.84.144.130/27
Martin Dohnal (CZ)
62.112.132.50/19
Tardeinfo GmbH in Netdiscounter GmbH (DE)
63.81.36.0/22
Top Speed Internet Service, LLC (US)
64.15.128.0/19
iWeb Technologies Inc. (US)
64.80.197.80/28
Anycolor Inc. in PaeTec Communications, Inc. (US)
64.169.45.66/12
64.171.127.90/12
65.67.13.26/13
66.121.145.195/13
66.139.79.199/13
68.75.86.8/13
69.208.29.243/12
69.215.39.177/12
69.228.253.114/12
SBC Internet Services (US)
64.237.96.0/20
ThruPort Technologies, Inc. (US)
64.0.0.0/14
65.104.0.0/14
67.88.0.0/13
67.152.0.0/14
207.101.0.0/16
216.112.0.0/16
XO Communications (US)
65.19.234.0/23
Interbel Telephone (US)
65.116.31.0/24
LAREDO COMMUNITY COLLEGE (US)
66.11.112.0/20
Suavemente, Inc. (US)
66.133.64.0/19
Giant, Inc. (US)
66.152.160.0/19
MULTACOM CORPORATION (US)
66.230.192.0/19
66.230.231.73/20
Neucom, Inc. (US)
67.18.216.226/15
ThePlanet.com Internet Services, Inc. (US)
67.202.0.0/18
Amazon.com, Inc. (US)
69.20.54.51/17
Rackspace.com, Ltd. (US)
69.162.64.0/18
Limestone Networks, Inc. (US)
70.88.0.0/14
Comcast Business Communications, Inc. (US)
74.52.0.0/15
74.54.0.0/16
ThePlanet.com Internet Services, Inc. (US)
75.127.64.0/18
Amazonas Filmes in Global Net Access, LLC (US)
75.144.0.0/13
Comcast Business Communications, Inc. (US)
76.197.19.48/28
PRAKASH BALEBAI-070221231148 (US)
77.91.192.0/21
Vermont-IT (RU)
77.233.192.0/19
ROSS Limited Company in IZMAYROVO.RU (RU)
78.110.160.0/20
UK Dedicated Servers Limited, VAServe LTD (GB)
79.170.192.0/22
Intrahost Limited (GB)
80.71.240.0/20
vnicsmv.ru in Rial Com JSC (RU)
80.74.128.0/19
METANET AG, Switzerland (CH)
80.90.112.0/20
SmartLogic Ltd. (RU)
80.91.160.0/19
Nibulon Nikolaev in DATAGROUPDATAGROUP (UA)
80.96.134.0/23
SC Minisat srl (RO)
80.191.0.0/16
Data Communications of Iran (IR)
80.200.0.0/15
Skynet (BE)
80.233.128.0/17
Telia Latvija (LV)
81.52.240.0/20
WebSatMedia Pte Ltd in France Telecom (SG)
81.209.149.64/26
Mathias Goldhan in Keyweb AG (DE)
82.76.0.0/14
Romania Data Systems (RO)
82.135.156.41/23
UAB "Elektronine prekyba ir Ko" (LT)
82.165.29.132/16
82.165.182.20/16
212.227.21.108/16
212.227.49.34/16
217.160.131.147/16
217.160.185.217/16
Schlund + Partner AG (DE/US)
82.193.128.0/19
Ural Regional Bank Net "UralWES" (RU)
83.0.0.0/11
Polish Telcom TPNET (PL)
83.246.112.0/20
SERVERPOOL (DE)
84.128.0.0/10
Deutsche Telekom AG (DE)
84.235.0.0/17
Saudi Telecom Co. (SA)
84.246.144.0/22
Legatel Telecom Srl (IT)
85.38.0.0/16
88.48.0.0/15
(part of 88.32.0.0/11)
Telecom Italia (IT)
85.112.96.0/20
Centaur Telecom (RU)
86.34.0.0/16
Romtelecom Data Network (RO)
88.86.64.0/19
Quantum Communications (RU)
88.191.0.0/16
Dedibox (FR)
89.21.128.0/22
TZ-Telecom (includes Ermakov Aleksey)
89.216.0.0/16
Serbia Broadband (RS)
90.189.128.0/17
Sibirtelecom (RU)
91.151.240.0/20
Novotelecom ltd. (RU)
92.55.64.0/18
Robi Cable TV in Neotel (MK)
93.95.64.0/21
ITV NET Network (MK)
93.100.0.0/16
SkyNet Network (RU)
93.180.88.0/21
Point To Point Ltd. in Bulgarian Internet Company Ltd. (BG)
94.243.0.0/18
MULTISERVICENETWORK (RU)
95.154.236.0/23
95.154.240.0/23
95.154.242.0/24
95.154.248.0/22
iDeal Hosting (TR) in RapidSwitch Ltd (GB)
98.142.208.0/20
WireSix (US)
109.207.0.0/20
JSC Rostelecom (RU)
112.133.192.0/18
RailTel Corporation (IN)
112.137.160.0/20
TM NET SDN BHD (MY)
116.66.160.0/20
Illuminate Internet Services Pty Ltd = Hostcentral (AU)
116.214.24.0/21
TULIP Telecom ltd. (IN)
118.98.128.0/17
Departemen Pendidikan Nasional Tim Data Center Jardiknas (ID)
118.100.0.0/15
TELEKOM MALAYSIA BERHAD (MY)
122.152.128.0/18
Asia Netcom Corporation (JP)
122.183.128.0/17
Bharti Telenet Ltd. Tamilnadu
122.160.234.0/23
ABTS DELHI (IN)
122.252.224.0/19
RailTel Corporation of India Ltd. (IN)
124.7.0.0/16
Sify Limited (IN)
124.30.0.0/16
Sify Limited (IN)
124.195.0.0/17
INDOSAT (ID)
124.247.192.0/18
TULIP Telecom (IN)
125.215.128.0/17
PCCW Business Netvigator (HK)
128.177.224.0/21
Fision - Digital Fiber Entertainment in AboveNet (US)
131.236.0.0/16
University College, Australian Defense Force Academy (AU)
139.223.0.0/16
TISNET: TATUNG (TW)
147.83.5.57/16
147.83.50.71/16
Universitat Politecnica de Catalunya (ES)
149.156.0.0/16
Academic Computer Centre CYFRONET (PL)
161.139.0.0/16
Universiti Teknologi Malaysia (MY)
193.24.212.0/20
cdedie in V-COM Network Ips (FR)
193.34.120.0/22
SDV Server Services (DE)
193.87.160.64/28
Joint Vocational Secondary School (Zdruzena stredna skola, Bratislava, SK) in sanet. (SK)
193.107.16.0/22
Ideal Solution Ltd (SC)
193.231.39.0/24
University of Craiova (RO)
193.254.2.0/24
Polytechnic University of Tirana Albania (AL)
194.88.96.0/19
Online Internet nv/sa (BE)
194.103.218.0/23
Arjeplog Kommun (SE)
194.204.212.0/24
Ministere des Peches Maritimes (MA)
195.20.206.0/23
GleSYS - Serverhotell (SE)
195.47.227.0/24
Totolotek S.A. (PL)
195.93.144.0/23
Limited company Elektrosvyaz (RU)
195.140.140.0/22
CTN1 (FR)
195.140.176.0/22
PEACE-NET in HansaWorld International (Internet Invest Ltd) (UA)
195.224.0.0/16
Pipex Communications (GB)
196.0.0.0/8
AfriNIC
202.28.0.0/15
UniNet (Inter-university network) (TH)
202.46.0.0/20
IPTEKNET, Indonesian Science and Technology Network (ID)
202.46.24.0/21
Widya Mandala Catholic University Surabaya (ID)
202.55.180.162/20
SKYCC, VoIP and ISP, Ulaanbaatar, Mongolia (MN)
202.57.128.0/18
202.142.221.246/19
Internet Service Provider Co., Ltd. (TH)
202.60.64.0/19
DedicatedServers (AU)
202.60.240.2/19
Cyber Express Communication Ltd. (HK)
202.63.160.0/19
Exatt Technologies Pvt. Ltd. (IN)
202.64.0.0/16
Pacific Internet (Hong Kong) Ltd (HK)
202.65.128.0/19
Pioneer Online Pvt. Ltd. (IN)
202.66.0.0/16
CPCNet Hong Kong Ltd. (HK)
202.70.192.0/20
India Online Network Ltd (IN)
202.67.155.250/17
HKNet Company Limited (HK)
202.88.128.0/18
Hathway IP Over Cable Internet Access Service (IN)
202.123.64.0/19
Henderson Data Centre Limited (HK)
202.129.0.0/18
CAT Telecom (TH)
202.142.64.0/18
Zee Telefilms Ltd (IN)
202.144.0.0/17
Sify Limited (IN)
202.152.160.0/23
202.152.162.0/24
202.155.32.0/19
Indosat (ID)
202.155.196.100/18
202.155.230.231/18
Wharf T&T Limited (HK)
202.175.192.0/18
Eastern Telecoms Philippines, Inc. (PH)
202.181.128.0/19
Hongkong Commercial Internet Exchange (HK)
202.222.28.84/32
www.utsunomiya-fudousan.com in SAKURA Internet 宇都宮不動産のれん会 (JP)
203.34.37.0/24
YOKOZUNANET (MN)
203.64.0.0/13
203.72.0.0/14
Global Communication Network Corp., CHTD (TW)
203.81.32.0/19
Pacific Internet Limited (SG)
203.110.208.0/20
India Online Network Ltd. (IN)
203.116.0.0/15
203.118.0.0/18
StarHub (SG)
203.133.27.117/17
Hoshin Gigamedia Center Inc. (TW)
203.141.141.192/29
Business Flow Technologies Inc. (株式会社 ビジネスフローテクノロジーズ) in Interlink co., ltd (JP)
203.144.128.0/17
True Internet (TH)
203.146.251.0/24
Loxinfo (TH)
KSC Commercial Internet
KSC Commercial Internet (TH)
203.157.0.0/16
Ministry of Public Health, Thailand (TH)
203.167.96.0/19
Eastern Telecoms Phils., Inc. (PH)
203.171.16.0/20
New Generations Telecommunication Corporation (VN)
203.172.192.0/18
Ministry of Education Network Operation Center (TH)
203.185.0.0/18
CITY TELECOM (HK) LTD
203.193.0.0/18
Verizon Hong Kong Limited (HK)
203.198.0.0/16
PCCW, NETVIGATOR (HK)
206.124.0.0/19
foreThought.net (US)
207.44.128.0/17
Anita Limanto in OESM Group in The Planet (Everyones Internet) (US)
207.80.142.5/16
Univ. of Texas System Office of Telecom. Services (US)
207.192.64.0/18
Linode.com in Net Access Corporation (US)
207.210.0.0/18
Source Cable Ltd. (CA)
207.253.73.0/24
Cooperative de cablodistribution de l'arriere-pays (CA)
208.50.192.0/18
208.51.0.0/16
Global Crossing (GBLX) (US)
208.109.0.0/16
GoDaddy.com, Inc. (US)
209.101.200.116/24
Comdepot Dallas Pop (US)
209.172.32.0/19
iWeb Technologies Inc. (CA)
210.1.0.0/18
CS Loxinfo (TH)
210.6.0.0/16
City Telecom (H.K.) Ltd. (HK)
210.17.0.0/17
Taiwan Telecommunication Network Services Co.,LTD. (TW)
210.18.57.3/17
Sify Limted (IN)
210.48.144.0/20
TM NET (MY)
210.67.0.0/18
Sysware Corporation, Systex Corporation (TW)
210.68.0.0/16
firefoxlanka.com in Digital United Inc. / SEEDNET (TW)
210.70.160.0/20
CHANG JUNG UNIVERSITY (TW)
210.81.0.0/19
WorldCom Japan Ltd. (JP)
210.87.240.0/20
PCCW (Pacific Century Cyberworks) Business Internet Access (HK)
210.188.206.76/32
creators union 株式会社クリエイターズユニオン (JP)
210.209.13.0/24
TWNAP (TW)
210.210.0.0/17
Sify Technologies Limited (IN)
210.212.0.0/16
BSNL Internet (IN)
210.228.173.144/24
210.228.174.0/23
210.228.176.0/24
Momotarou Internet Club (NIHONKOUSHIN Co.) (JP)
210.243.128.0/17
210.244.0.0/17
DIGITAL UNITED INC (TW)
210.245.0.0/17
FPT Telecom (VN)
211.24.0.0/15
TIME Telecommunications Sdn Bhd (MY)
211.78.80.0/20
DWINS Digital Service Corp. (TW)
212.12.224.0/19
Wayout Internet Solutions (EG)
212.72.192.0/19
NET IS SAT ltd. (BG)
212.74.96.0/19
Tiscali UK Limited (GB)
212.122.160.0/19
Bulgarian Government Network (BG)
213.16.56.0/24
SKAT TV Ltd. (BG)
213.19.163.0/24
THAIINTERNATIONAL-NL (TH)
213.112.0.0/14
Bredbandsbolaget Routing Registry (SE)
213.129.96.0/19
South-East Transtelecom Joint Stock Co (RU)
213.176.96.0/24
Malek Ashtar University (IR)
213.195.64.0/19
Ibercom (ES)
213.223.64.10/29
HUMBERT FRANCK, VAINCRE_LA_MUCO (FR)
213.228.128.0/18
Soabor - Comercio de Prendas Lda in Cabovisao - Televisao por Cabo, S.A (PT)
216.133.224.0/19
Roth Williams International Societies of Orthodontists in Vitalstream Holdings, Inc. (US)
216.144.224.0/20
Secured Private Network (US)
216.176.176.0/20
Wowrack.com (US)
216.177.128.0/20
Alentus Corporation (US)
216.219.128.0/17
Affinity Internet, Inc (US)
217.20.118.111/24
netdirekt e. K. (DE)
217.20.160.0/20
WNET (UA)
217.71.128.0/20
Novosibirsk State Technical University (RU)
217.112.112.0/20
Esprit telecom B.V. (NL)
218.102.0.0/15
GOA INTERNATIONAL LIMITED in NETVIGATOR (HK)
218.210.0.0/15
New Century InfoComm Tech. Co., Ltd. (TW)
218.214.0.0/15
Swiftel Communications (AU)
218.248.1.160/27
Osmania University in Bharat Sanchar Nigam Limited (IN)
219.84.0.0/14
Taiwan Fixed Network CO.,LTD. (TW)
219.117.253.88/29
clja.net (Hirohisa Maruyama) in Interlink co., ltd (JP)
220.224.0.0/14
Reliance Communications Ltd (IN)
220.228.0.0/15
New Centry InfoComm Tech. Co., Ltd. (TW)
220.241.0.0/16
PCCW: Pacific Century Cyberworks (HK)
220.246.0.0/16
PCCW: Pacific Century Cyberworks (HK)
221.120.192.0/18
Pakistan Telecommunication Company Limited (PK)
222.124.0.0/16
PT. Telekomunikasi Indonesia Tbk (ID)
222.156.0.0/15
Asia Pacific On-line Services Inc. (TW)
222.252.0.0/14
Vietnam Posts and Telecommunications (VN)
24.232.0.0/16
132.247.0.0/16
132.248.0.0/16
148.201.0.0/16
148.202.0.0/15
148.204.0.0/14
148.208.0.0/12
148.224.0.0/12
148.240.0.0/13
148.248.0.0/15
148.250.0.0/16
150.185.0.0/16
150.186.0.0/15
150.188.0.0/15
157.100.0.0/16
164.77.0.0/16
168.243.0.0/16
186.0.0.0/7
189.0.0.0/8
190.0.0.0/8
200.0.0.0/7
216.241.0.0/19
LACNIC
113.252.0.0/14
118.140.0.0/14
203.184.128.0/17
210.0.128.0/17
218.188.0.0/14
221.127.43.88/14
The criminals' network - Hutchison Global Communications (HK)
58.14.0.0/15
58.16.0.0/13
58.24.0.0/15
58.30.0.0/15
58.32.0.0/11
58.82.0.0/15
58.144.0.0/16
58.192.0.0/11
58.240.0.0/12
59.32.0.0/11
59.64.0.0/12
59.80.0.0/14
59.107.0.0/16
59.108.0.0/14
59.148.0.0/15
59.151.0.0/17
59.172.0.0/14
60.0.0.0/11
60.160.0.0/11
60.194.0.0/15
60.200.0.0/13
60.208.0.0/12
61.4.176.0/20
61.28.0.0/17
61.29.128.0/17
61.48.0.0/13
61.128.0.0/10
61.232.0.0/14
61.236.0.0/15
61.238.0.0/15 (HK)
61.240.0.0/14
61.248.0.0/13
89.202.108.0/25 (HK)
110.176.0.0/12
110.192.0.0/11
112.0.0.0/10
112.64.0.0/14
112.80.0.0/12
112.96.0.0/13
112.224.0.0/11
113.0.0.0/13
113.8.0.0/15
113.11.192.0/19
113.54.0.0/15
113.56.0.0/15
113.58.0.0/16
113.59.0.0/17
113.62.0.0/15
113.64.0.0/10
113.128.0.0/15
113.218.0.0/15
113.220.0.0/14
113.224.0.0/11
114.80.0.0/12
114.96.0.0/13
114.104.0.0/14
114.112.0.0/13
114.208.0.0/12
114.224.0.0/11
115.190.0.0/15
115.192.0.0/11
115.224.0.0/12
116.1.0.0/16
116.2.0.0/15
116.4.0.0/14
116.8.0.0/14
116.16.0.0/12
116.52.0.00/14
116.56.0.00/15
116.112.0.0/13
116.224.0.0/12
116.242.0.0/15
116.244.0.0/14
116.248.0.0/15
116.252.0.0/15
116.254.128.0/17
116.255.128.0/17
117.21.0.0/16
117.22.0.0/15
117.24.0.0/13
117.32.0.0/13
117.40.0.0/14
117.44.0.0/15
117.128.0.0/10
118.102.16.0/20
118.112.0.0/13
118.120.0.0/14
118.124.0.0/15
118.126.0.0/16
118.180.0.0/14
118.184.0.0/13
118.192.0.0/12
119.2.128.0/17
119.3.0.0/16
119.4.0.0/14
119.8.0.0/15
119.10.0.0/17
119.32.0.0/13
119.40.0.0/15
119.42.0.0/19
119.78.0.0/15
119.80.0.0/15
119.112.0.0/12
119.128.0.0/12
119.144.0.0/14
119.161.128.0/17
119.162.0.0/15
119.164.0.0/14
119.176.0.0/12
120.0.0.0/12
120.24.0.0/14
120.30.0.0/15
120.32.0.0/12
120.48.0.0/15
120.192.0.0/10
121.8.0.0/13
121.16.0.0/12
121.32.0.0/13
121.40.0.0/14
121.52.208.0/20
121.52.224.0/19
121.204.0.0/14
122.4.0.0/14
122.8.0.0/13
122.64.0.0/11
122.96.0.0/15
122.102.0.0/20
122.102.64.0/19
122.136.0.0/13
122.156.0.0/14
122.192.0.0/14
122.200.64.0/18
122.224.0.0/12
122.240.0.0/13
123.4.0.0/14
123.8.0.0/13
123.112.0.0/12
123.128.0.0/13
123.137.0.0/16
123.138.0.0/15
123.144.0.0/12
123.160.0.0/12
123.177.0.0/16
123.178.0.0/15
123.180.0.0/14
123.184.0.0/13
123.196.0.0/15
123.232.0.0/14
124.14.0.0/15
124.16.0.0/15
124.42.0.0/16
124.112.0.0/13
124.126.0.0/15
124.128.0.0/13
124.160.0.0/13
124.192.0.0/15
124.200.0.0/13
124.220.0.0/14
124.224.0.0/12
124.240.0.0/17
124.254.0.0/18
125.31.192.0/18
125.32.0.0/12
125.61.128.0/17
125.62.0.0/15
125.64.0.0/11
125.96.0.0/15
125.98.0.0/16
125.208.0.0/18
125.210.0.0/15
159.226.0.0/16
166.111.0.0/16
180.152.0.0/13
180.160.0.0/12
183.0.0.0/10
183.64.0.0/13
202.8.128.0/19
202.67.128.0/17 (HK)
202.68.0.0/18 (HK)
202.75.208.0/20
202.90.0.0/15
202.92.0.0/14
202.96.0.0/12
202.112.0.0/13
202.120.0.0/15
202.127.24.198/20
202.152.176.0/20
202.165.176.0/20
202.192.0.0/12
203.86.0.0/18
203.86.64.0/19
203.88.192.0/19
203.91.120.0/21
203.148.0.0/18
203.171.224.0/20
203.175.128.0/17
210.14.64.0/19
210.17.128.0/17 (HK)
210.21.0.0/16
210.22.0.0/16
210.25.0.0/16
210.26.0.0/15
210.28.0.0/14
210.32.0.0/12
210.51.0.0/16
210.52.0.0/15
210.72.0.0/14
210.76.0.0/15
210.78.0.0/16
210.82.0.0/15
210.87.128.0/18
210.192.96.0/19
211.64.0.0/13
211.80.0.0/12
211.96.0.0/13
211.136.0.0/13
211.144.0.0/12
211.160.0.0/13
218.0.0.0/11
218.56.0.0/13
218.64.0.0/11
218.96.0.0/14
218.104.0.0/14
218.108.0.0/15
218.192.0.0/12
218.240.0.0/13
218.249.0.0/16
219.90.112.0/20 (HK)
219.128.0.0/11
219.216.0.0/13
219.224.0.0/12
219.242.0.0/15
219.244.0.0/14
220.112.0.0/14
220.160.0.0/11
220.192.0.0/12
220.231.0.0/16
220.248.0.0/14
220.252.0.0/16
221.0.0.0/12
221.122.0.0/15
221.129.0.0/16
221.130.0.0/15
221.172.0.0/14
221.176.0.0/13
221.192.0.0/11
221.224.0.0/12
222.16.0.0/12
222.32.0.0/11
222.64.0.0/11
222.126.128.0/17
222.128.0.0/12
222.160.0.0/14
222.168.0.0/13
222.176.0.0/12
222.192.0.0/11
222.240.0.0/13
222.248.0.0/15
People's Republic of China (CN) : the world no.1 lawless nation in the internet.
many crackers live in these networks and serves phishing pages.
for example, this is Fifth Third Bank phising page served by ANHUI TELECOM (2007.2.11) :
http://218.22.100.110/cbdir/ (screenshot)
59.160.0.0/14
59.164.0,0/15
61.11.0.0/17
61.17.0.0/16
115.108.0.0/14
115.112.0.0/13
121.240.0.0/13
202.9.128.0/18
202.54.102.183/16
203.197.0.0/16
203.199.0.0/16
203.200.0.0/16
210.211.128.0/17
THE CRIMINALS' NETWORK - VSNL Videsh Sanchar Nigam Ltd (IN)
58.72.0.0/13
58.120.0.0/13
58.140.0.0/14
58.148.0.0/14
58.180.0.0/16
58.181.0.0/18
58.184.0.0/16
58.224.0.0/12
59.0.0.0/11
59.150.0.0/16
61.32.0.0/13
61.40.0.0/14
61.72.0.0/13
61.80.0.0/14
61.84.0.0/15
61.96.0.0/12
61.248.0.0/13
66.232.136.0/21
66.232.144.0/22
110.8.0.0/13
112.144.0.0/12
112.160.0.0/11
112.216.0.0/13
113.130.64.0/19
114.108.0.0/17
114.108.128.0/18
114.141.0.0/19
114.199.128.0/17
114.200.0.0/13
115.40.0.0/15
115.68.0.0/16
115.88.0.0/13
115.178.64.0/19
116.32.0.0/12
116.120.0.0/13
117.16.0.0/15
118.32.0.0/11
118.127.192.0/18
118.128.0.0/14
118.216.0.0/13
119.64.0.0/13
119.192.0.0/11
121.64.0.0/14
121.88.0.0/16
121.100.64.0/18
121.124.0.0/15
121.126.0.0/16
121.128.0.0/10
122.128.32.0/19
123.111.0.0/16
123.140.0.0/14
123.212.0.0/14
124.0.0.0/15
124.2.0.0/16
124.5.0.0/16
125.7.128.0/17
124.111.0.0/16
124.136.0.0/14
124.194.0.0/16
125.128.0.0/11
125.240.0.0/13
125.248.0.0/14
125.252.0.0/18
141.223.0.0/16
143.248.0.0/16
150.183.0.0/16
155.230.0.0/16
168.126.0.0/16
175.112.0.0/12
180.150.192.0/19
180.150.224.0/21
202.30.0.0/15
203.224.0.0/11
210.57.224.0/19
210.90.0.0/15
210.92.0.0/14
210.96.0.0/11
210.178.0.0/15
210.180.0.0/14
210.216.0.0/13
211.32.0.0/11
211.104.0.0/13
211.112.0.0/13
211.168.0.0/13
211.176.0.0/12
211.192.0.0/10
218.36.0.0/14
218.48.0.0/13
218.144.0.0/12
218.232.0.0/13
219.240.0.0/15
219.248.0.0/13
220.64.0.0/11
220.116.0.0/14
220.120.0.0/13
221.138.0.0/15
221.140.0.0/14
221.144.0.0/12
221.160.0.0/13
221.168.0.0/16
222.96.0.0/12
222.112.0.0/13
222.120.0.0/15
222.122.0.0/16
222.232.0.0/13
KOREA:
many crackers live in these networks and serves phishing pages.
for example, this is PayPal phising page served by SKNETWORKS-METRO-JEYUN-KR (2005.10.29) :
http://211.63.1.132/source/img/banner/.cgi-bin/.webscr/paypal/ (screenshot)
and for example, this is eBay phising page served by JANGRIMWORLD in Hanaro Telecom Co. (2006.10.27) :
http://211.210.60.2/ebay/login1992/ (screenshot)
77.245.144.0/20
82.151.128.0/19
89.106.0.0/19
89.107.224.0/21
95.154.236.0/23
95.154.240.0/23
95.154.242.0/24
95.154.248.0/22
178.211.53.0/24
188.132.128.0/17
TRKEY
many crackers live in these networks.
59.112.0.0/12
60.248.0.0/14
61.216.0.0/13
61.224.0.0/13
202.39.246.110/17
203.64.0.0/13
203.72.0.0/14
210.241.224.0/19
210.242.0.0/16
211.20.0.0/14
211.72.71.72/16
210.59.128.0/17
210.61.0.0/16
210.71.128.0/17
220.128.0.0/12
THE CRIMINALS' NETWORK - HINET - CHTD, Chunghwa Telecom Co.,Ltd. (TW)
140.109.0.0/16
140.110.0.0/15
140.112.0.0/12
140.128.0.0/13
140.136.0.0/15
140.138.0.0/16
163.13.0.0/16
163.14.0.0/15
163.16.0.0/12
163.32.0.0/16
192.192.0.0/16
210.59.0.0/17
210.60.0.0/16
Ministry of Education computer Center (TW)
many crackers live in these networks.
Dear infected hosts:
Welcome to TATSUKICHI Network. We apologize to you for falling short of your expectations. We are *WINDOWS*OUTSIDE* netowrk and there are no hosts that swallow your dirty packets. PLEASE PLEASE DO NOT POLLUTE THE INTERNET.

本ページは w3m でもそこそこ表示できるように最適化されています [福]