Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: The most hated IP address of 2005 ? - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
The most hated IP address of 2005 ?
Time for a little hall of shame. Is there any IP address range or individual IP address that was annoying the daylight out of you in 2005?  An address where you tried and tried to contact the ISP to have a malware, botnet controller, exploit page removed, but to no avail? Where exploits kept coming back again and again ?  Let us know, and we might share your story.  For starters, here is mine:

Most Hated Netblock:195.225.176.x - 195.225.177.x  (AS31159)
Provider: Netcathost, Kiev, Ukraine
Reason for claim to fame: Hosting exploits, browser hijackers and CoolWebSearch related annoyances since several months. Ignoring, bouncing, or rejecting any complaints to the abuse contacts.

Update: beehappyy.biz is being implicated in the currently ongoing WMF 0-day exploit mania. And guess what beehappyy.biz resolves to ? 195.225.176.38 - my favorite netblock again. Null-Routing, anyone?
Daniel

367 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!