I've been logging sip registrations from this IP address for 2 days now. I've emailed the domain's admin, but nothing seems to come of it. I've routed him into oblivion, but still, I think 50 requests a second for 2 days is a bit much. Any ideas? -- Take care and have fun, Mike Diehl.
On 07-03-12 01:28, Mike Diehl wrote:> I've been logging sip registrations from this IP address for 2 days now. I've > emailed the domain's admin, but nothing seems to come of it. > > I've routed him into oblivion, but still, I think 50 requests a second for 2 > days is a bit much. > > Any ideas?Did you talk to the upstream provider? A quick whois on that IP address suggests mentions PlusServer. Send them an email at abuse at plusserver.de or use the chat link on the left side on this page: http://www.plusserver.de/produkte/ or call them at +49-2233-6124300. Regards, Patrick
iptables -A INPUT --src 188.138.100.16 -j DROP On Mar 6, 2012 7:29 PM, "Mike Diehl" <mdiehl at diehlnet.com> wrote:> I've been logging sip registrations from this IP address for 2 days now. > I've > emailed the domain's admin, but nothing seems to come of it. > > I've routed him into oblivion, but still, I think 50 requests a second for > 2 > days is a bit much. > > Any ideas? > > -- > > Take care and have fun, > Mike Diehl. > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20120306/6af27496/attachment.htm>
Have you tried fail2ban?? http://www.fail2ban.org/wiki/index.php/Main_Page Saludos/Regards -- Ing. Gerardo Barajas Puente Proyectos Especiales/Preventa | www.neocenter.com T:+52 (55) 8590-9000 x 7003 On Tue, Mar 6, 2012 at 6:28 PM, Mike Diehl <mdiehl at diehlnet.com> wrote:> I've been logging sip registrations from this IP address for 2 days now. > I've > emailed the domain's admin, but nothing seems to come of it. > > I've routed him into oblivion, but still, I think 50 requests a second for > 2 > days is a bit much. > > Any ideas? > > -- > > Take care and have fun, > Mike Diehl. > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20120306/ab58ac3e/attachment.htm>
Jamie A. Stapleton
2012-Mar-07 15:47 UTC
[asterisk-users] Ongoing attack from 188.138.100.16
Block them. They are one of the Internet's top bad IP addresses.
http://www.threatstop.com/checkip
-----Original Message-----
From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-bounces
at lists.digium.com] On Behalf Of Mike Diehl
Sent: Tuesday, March 06, 2012 7:29 PM
To: asterisk-users at lists.digium.com
Subject: [asterisk-users] Ongoing attack from 188.138.100.16
I've been logging sip registrations from this IP address for 2 days now.
I've
emailed the domain's admin, but nothing seems to come of it.
I've routed him into oblivion, but still, I think 50 requests a second for 2
days is a bit much.
Any ideas?
--
Take care and have fun,
Mike Diehl.
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users