
FTP Attack is now SSH as well

Rob - 11 Apr 2008 01:35 GMT
Hi All,
Here is a partial listing from the secure log:

Apr 10 07:21:46 7300-G4 sshd[5778]: Invalid user ssh from 216.193.250.180
Apr 10 07:21:46 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user ssh.
Apr 10 07:21:46 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:21:46 7300-G4 sshd[5778]: Failed password for invalid user
ssh from 216.193.250.180 port 33623 ssh2
Apr 10 07:21:49 7300-G4 sshd[5781]: Invalid user search from 216.193.250.180
Apr 10 07:21:50 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user search.
Apr 10 07:21:50 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:21:50 7300-G4 sshd[5781]: Failed password for invalid user
search from 216.193.250.180 port 33901 ssh2
Apr 10 07:21:52 7300-G4 sshd[5783]: Invalid user sara from 216.193.250.180
Apr 10 07:21:52 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user sara.
Apr 10 07:21:52 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:21:52 7300-G4 sshd[5783]: Failed password for invalid user
sara from 216.193.250.180 port 35141 ssh2
Apr 10 07:21:54 7300-G4 sshd[5785]: Invalid user robert from 216.193.250.180
Apr 10 07:21:54 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user robert.
Apr 10 07:21:54 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:21:54 7300-G4 sshd[5785]: Failed password for invalid user
robert from 216.193.250.180 port 35431 ssh2
Apr 10 07:21:56 7300-G4 sshd[5787]: Invalid user richard from 216.193.250.180
Apr 10 07:21:56 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user richard.
Apr 10 07:21:56 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:21:56 7300-G4 sshd[5787]: Failed password for invalid user
richard from 216.193.250.180 port 36361 ssh2
Apr 10 07:21:59 7300-G4 sshd[5790]: Invalid user party from 216.193.250.180
Apr 10 07:21:59 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user party.
Apr 10 07:21:59 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:21:59 7300-G4 sshd[5790]: Failed password for invalid user
party from 216.193.250.180 port 36916 ssh2
Apr 10 07:22:01 7300-G4 sshd[5792]: Invalid user amanda from 216.193.250.180
Apr 10 07:22:01 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user amanda.
Apr 10 07:22:01 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:02 7300-G4 sshd[5792]: Failed password for invalid user
amanda from 216.193.250.180 port 37867 ssh2
Apr 10 07:22:04 7300-G4 sshd[5794]: Invalid user rpm from 216.193.250.180
Apr 10 07:22:04 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user rpm.
Apr 10 07:22:04 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:05 7300-G4 sshd[5794]: Failed password for invalid user
rpm from 216.193.250.180 port 38064 ssh2
Apr 10 07:22:09 7300-G4 sshd[5796]: Invalid user operator from 216.193.250.180
Apr 10 07:22:09 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user operator.
Apr 10 07:22:09 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:09 7300-G4 sshd[5796]: Failed password for invalid user
operator from 216.193.250.180 port 38862 ssh2
Apr 10 07:22:12 7300-G4 sshd[5799]: Invalid user sgi from 216.193.250.180
Apr 10 07:22:12 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user sgi.
Apr 10 07:22:12 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:12 7300-G4 sshd[5799]: Failed password for invalid user
sgi from 216.193.250.180 port 39796 ssh2
Apr 10 07:22:14 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user sshd.
Apr 10 07:22:14 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:14 7300-G4 sshd[5801]: Failed password for sshd from
216.193.250.180 port 40032 ssh2
Apr 10 07:22:15 7300-G4 sshd[5804]: Invalid user users from 216.193.250.180
Apr 10 07:22:15 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user users.
Apr 10 07:22:15 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:15 7300-G4 sshd[5804]: Failed password for invalid user
users from 216.193.250.180 port 40902 ssh2
Apr 10 07:22:17 7300-G4 sshd[5806]: Invalid user admins from 216.193.250.180
Apr 10 07:22:17 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user admins.
Apr 10 07:22:17 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:17 7300-G4 sshd[5806]: Failed password for invalid user
admins from 216.193.250.180 port 41043 ssh2
Apr 10 07:22:19 7300-G4 sshd[5809]: Invalid user admins from 216.193.250.180
Apr 10 07:22:19 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user admins.
Apr 10 07:22:19 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:19 7300-G4 sshd[5809]: Failed password for invalid user
admins from 216.193.250.180 port 41268 ssh2
Apr 10 07:22:20 7300-G4 sshd[5811]: Invalid user bin from 216.193.250.180
Apr 10 07:22:20 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user bin.
Apr 10 07:22:20 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:20 7300-G4 sshd[5811]: Failed password for invalid user
bin from 216.193.250.180 port 42305 ssh2
Apr 10 07:22:22 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user daemon.
Apr 10 07:22:22 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:22 7300-G4 sshd[5813]: Failed password for daemon from
216.193.250.180 port 42494 ssh2
Apr 10 07:22:24 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user lp.
Apr 10 07:22:24 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:24 7300-G4 sshd[5816]: Failed password for lp from
216.193.250.180 port 43111 ssh2
Apr 10 07:22:26 7300-G4 sshd[5819]: Invalid user sync from 216.193.250.180
Apr 10 07:22:26 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user sync.
Apr 10 07:22:26 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:26 7300-G4 sshd[5819]: Failed password for invalid user
sync from 216.193.250.180 port 43828 ssh2
Apr 10 07:22:28 7300-G4 sshd[5822]: Invalid user shutdown from 216.193.250.180
Apr 10 07:22:28 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user shutdown.
Apr 10 07:22:28 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:28 7300-G4 sshd[5822]: Failed password for invalid user
shutdown from 216.193.250.180 port 43952 ssh2
Apr 10 07:22:30 7300-G4 sshd[5824]: Invalid user halt from 216.193.250.180
Apr 10 07:22:30 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user halt.
Apr 10 07:22:30 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:30 7300-G4 sshd[5824]: Failed password for invalid user
halt from 216.193.250.180 port 44565 ssh2
Apr 10 07:22:31 7300-G4 sshd[5826]: Invalid user uucp from 216.193.250.180
Apr 10 07:22:31 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user uucp.
Apr 10 07:22:31 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:31 7300-G4 sshd[5826]: Failed password for invalid user
uucp from 216.193.250.180 port 45331 ssh2
Apr 10 07:22:34 7300-G4 sshd[5828]: Invalid user smmsp from 216.193.250.180
Apr 10 07:22:34 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user smmsp.
Apr 10 07:22:34 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:34 7300-G4 sshd[5828]: Failed password for invalid user
smmsp from 216.193.250.180 port 45628 ssh2
Apr 10 07:22:37 7300-G4 sshd[5830]: Invalid user dean from 216.193.250.180
Apr 10 07:22:37 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user dean.
Apr 10 07:22:37 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:38 7300-G4 sshd[5830]: Failed password for invalid user
dean from 216.193.250.180 port 46870 ssh2
Apr 10 07:22:41 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user unknown.
Apr 10 07:22:41 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:42 7300-G4 sshd[5833]: Failed password for unknown from
216.193.250.180 port 47668 ssh2
Apr 10 07:22:44 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user securityagent.
Apr 10 07:22:44 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:44 7300-G4 sshd[5838]: Failed password for securityagent
from 216.193.250.180 port 48395 ssh2
Apr 10 07:22:47 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user tokend.
Apr 10 07:22:47 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:48 7300-G4 sshd[5841]: Failed password for tokend from
216.193.250.180 port 49428 ssh2
Apr 10 07:22:50 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user windowserver.
Apr 10 07:22:50 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:50 7300-G4 sshd[5845]: Failed password for windowserver
from 216.193.250.180 port 50236 ssh2
Apr 10 07:22:53 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user appowner.
Apr 10 07:22:53 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:22:54 7300-G4 sshd[5848]: Failed password for appowner from
216.193.250.180 port 50661 ssh2
Apr 10 07:23:00 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user xgridagent.
Apr 10 07:23:00 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:23:00 7300-G4 sshd[5851]: Failed password for xgridagent from
216.193.250.180 port 51694 ssh2
Apr 10 07:23:02 7300-G4 sshd[5855]: Invalid user agent from 216.193.250.180
Apr 10 07:23:02 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user agent.
Apr 10 07:23:02 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:23:02 7300-G4 sshd[5855]: Failed password for invalid user
agent from 216.193.250.180 port 53011 ssh2
Apr 10 07:23:05 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user xgridcontroller.
Apr 10 07:23:05 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:23:05 7300-G4 sshd[5857]: Failed password for xgridcontroller
from 216.193.250.180 port 53674 ssh2
Apr 10 07:23:08 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user jabber.
Apr 10 07:23:08 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:23:08 7300-G4 sshd[5860]: Failed password for jabber from
216.193.250.180 port 54181 ssh2
Apr 10 07:23:18 7300-G4 com.apple.SecurityServer: authinternal failed
to authenticate user amavisd.
Apr 10 07:23:18 7300-G4 com.apple.SecurityServer: Failed to authorize
right system.login.tty by process /usr/sbin/sshd for authorization
created by /usr/sbin/sshd.
Apr 10 07:23:19 7300-G4 sshd[5863]: Failed password for amavisd from
216.193.250.180 port 54824 ssh2
Apr 10 09:10:45 7300-G4 com.apple.SecurityServer: authinternal
authenticated user rwdemby (uid 505).

Am I correct in assuming that if I shut the VNC server down this type
of attack will fail?
I am getting very worried as there have been numerous attempts from
different IPs
i.e., 199.243.199.50  164.77.41.251  200.74.172.194

The only ports that are open on my router are 22, 515, and 631
Is SSH vulnerable?

Signature

"Each one teach one"

Barry Margolin - 11 Apr 2008 03:14 GMT
> Hi All,
> Here is a partial listing from the secure log:
[quoted text clipped - 10 lines]
> Apr 10 07:21:50 7300-G4 com.apple.SecurityServer: authinternal failed
> to authenticate user search.
...

> Am I correct in assuming that if I shut the VNC server down this type
> of attack will fail?

No, you have to turn off remote login.  But this will prevent you from
using VNC, if you have it set to only work from a local client using SSH.

> I am getting very worried as there have been numerous attempts from
> different IPs
> i.e., 199.243.199.50  164.77.41.251  200.74.172.194

They come from all over the place, and happen pretty much continuously
to everyone who runs an SSH server.  Port scanners are constantly
scanning for open port 22.

> The only ports that are open on my router are 22, 515, and 631
> Is SSH vulnerable?

It depends on how well you have your authentication configured.  If
you're using simple password authentication, the hacker might be able to
guess your password.  But if you use a public-key authentication, you
should be pretty safe.

Signature

Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

Jerry Kindall - 11 Apr 2008 05:42 GMT
> > Hi All,
> > Here is a partial listing from the secure log:
[quoted text clipped - 33 lines]
> guess your password.  But if you use a public-key authentication, you
> should be pretty safe.

Also, moving your ssh server to another port will at least stop the
automated scans.  It's not security per se, since people can still
portscan your machine and try to log in to every open port they find,
but it will make you less of an obvious target.

Signature

Jerry Kindall, Seattle, WA                <http://www.jerrykindall.com/>

       Send only plain text messages under 32K to the Reply-To address.
       This mailbox is filtered aggressively to thwart spam and viruses.

Barry Margolin - 11 Apr 2008 20:31 GMT
> Also, moving your ssh server to another port will at least stop the
> automated scans.  It's not security per se, since people can still
> portscan your machine and try to log in to every open port they find,
> but it will make you less of an obvious target.

I meant to mention that as well.  That's what I do, and I pretty much
never see warning messages from sshd in my log.

Unfortunately, my router (Linksys WRT54G) doesn't provide a way to
forward an external port to a different internal port.  Changing the
port that OS X's sshd listens on requires editing a LaunchDaemon plist
file.

Signature

Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

Tom Stiller - 11 Apr 2008 21:45 GMT
> > Also, moving your ssh server to another port will at least stop the
> > automated scans.  It's not security per se, since people can still
[quoted text clipped - 8 lines]
> port that OS X's sshd listens on requires editing a LaunchDaemon plist
> file.

No, you only need to edit "/etc/sshd_config".

Signature

Tom Stiller

PGP fingerprint =  5108 DDB2 9761 EDE5 E7E3  7BDA 71ED 6496 99C0 C7CF

Bob Harris - 11 Apr 2008 03:27 GMT
> Hi All,
> Here is a partial listing from the secure log:
[quoted text clipped - 19 lines]
> to authenticate user sara.
>  .... deleted bunch of log entries...

> Am I correct in assuming that if I shut the VNC server down this type
> of attack will fail?

VNC is generally listening on port 5900 unless you have configured
it to listen on a different port.

If your primary reason for using ssh is so that you can route VNC
sessions over an ssh tunnel, then no, turning off VNC will do
nothing to stop this attack.

> I am getting very worried as there have been numerous attempts from
> different IPs
> i.e., 199.243.199.50  164.77.41.251  200.74.172.194
>
> The only ports that are open on my router are 22, 515, and 631
> Is SSH vulnerable?

Port 631 is generally associated with the CUPS print environment.

Port 515 is associated with the LPD Line printer daemon.

So far, the attack seems to be using random usernames.  If you do
not allow standard named accounts, such as 'root', to be enabled, and
if your username (Mac OS X short name) is not a common name, and
if you use a fairly strong password, then it is unlikely that they
will manage to get into your system.

If you wanted, you could change the router port for ssh from 22 to
a different value.  By this I mean, close port 22, then set up port
forwarding for some high numbered external port to internal port
22.  Then when you are on the outside and wish to connect to your
system via ssh, use ssh -p 12345 host.name.com, where 12345 would
be the port you told your router to forward to internal port 22.

It is also possible to set up ssh so that you can only log in via an
ssh-keygen created key, and disable username/password logins.  
This would be very secure.  If you want to go this route, then
search MacOSXHints.com for information on how to set this up.

You could also try:
<http://www.macosxhints.com/article.php?story=20040913102948373&query=ssh%2Bbreak>
<http://www.macosxhints.com/comment.php?mode=view&cid=63205&query=ssh%20break>
<http://www.macosxhints.com/comment.php?mode=view&cid=61141&query=ssh%20break>

                                       Bob Harris
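
Added example, not part of any post in this thread: a small check of sshd_config text for the settings discussed above (key-only logins, root login, a non-default port). The function names, the three sample configurations and the `DEFAULTS` table are constructed for this example; the defaults are an assumption about the stock settings.

```python
import re

# Values assumed when a keyword is absent or commented out (assumption of this
# example: permissive stock defaults; check sshd_config(5) on your system).
DEFAULTS = {
    "passwordauthentication": "yes",
    "challengeresponseauthentication": "yes",
    "pubkeyauthentication": "yes",
    "permitrootlogin": "yes",
}

# Constructed sample configurations.
STOCK = "#Port 22\n#PermitRootLogin yes\n#PasswordAuthentication yes\n"
HARDENED = ("Port 12345\nPermitRootLogin no\nPubkeyAuthentication yes\n"
            "PasswordAuthentication no\nChallengeResponseAuthentication no\n")
# The earlier "yes" shadows the later "no": sshd keeps the first value it reads.
SHADOWED = "PasswordAuthentication yes\n" + HARDENED


def effective_settings(config_text):
    """Global settings as sshd reads them: keywords are case-insensitive and
    the first value given for a keyword wins. Port may appear several times."""
    seen, ports = {}, []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"(\w+)(?:\s*=\s*|\s+)(.+)", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            break  # conditional blocks are outside this global check
        if key == "port":
            ports.append(value)
        else:
            seen.setdefault(key, value.lower())  # only yes/no values are compared
    settings = {**DEFAULTS, **seen}
    settings["port"] = ports or ["22"]
    return settings


def audit(config_text):
    """Return a list of findings; an empty list means key-only logins."""
    s = effective_settings(config_text)
    findings = []
    if s["passwordauthentication"] != "no":
        findings.append("PasswordAuthentication is not 'no': passwords can be guessed")
    if s["challengeresponseauthentication"] != "no":
        findings.append("ChallengeResponseAuthentication is not 'no': "
                        "passwords may still be accepted via keyboard-interactive")
    if s["pubkeyauthentication"] != "yes":
        findings.append("PubkeyAuthentication is off: key logins will not work")
    if s["permitrootlogin"] == "yes":
        findings.append("PermitRootLogin is 'yes': root can log in with a password")
    if "22" in s["port"]:
        findings.append("listening on port 22: expect scan noise in the log")
    return findings


if __name__ == "__main__":
    for name, text in (("stock", STOCK), ("hardened", HARDENED), ("shadowed", SHADOWED)):
        print(name, audit(text))
```

After changing the file, confirm from a second session that a password login is refused before closing the session you edited from.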
Tom Stiller - 11 Apr 2008 04:59 GMT
> > Hi All,
> > Here is a partial listing from the secure log:
[snip]

>  
> > Am I correct in assuming that if I shut the VNC server down this type
[quoted text clipped - 43 lines]
> <http://www.macosxhints.com/comment.php?mode=view&cid=61141&query=ssh%20break>

You might want to look at
<http://groups.google.com/group/comp.sys.mac.comm/msg/756729059283f877?dmode=source>
for a tutorial on setting up a secure VNC connection.

Signature

Tom Stiller

PGP fingerprint =  5108 DDB2 9761 EDE5 E7E3  7BDA 71ED 6496 99C0 C7CF

Fred McKenzie - 11 Apr 2008 20:29 GMT
> Here is a partial listing from the secure log:
>
> Apr 10 07:21:46 7300-G4 sshd[5778]: Invalid user ssh from 216.193.250.180

Rob-

Since none of them appear to have succeeded in accessing your computer,
there may be nothing to worry about.  However, they are obviously up to
no good.  It is possible they are looking for machines they can use to
transmit mass amounts of Spam.

I checked the IPs you mentioned using the Mac's Network Utility.app.

IP 216.193.250.180 is related to Mzima Networks, Inc. in Los Angeles,
per whois.arin.net.  You could forward a copy of relevant portions of
your log to abuse@mzima.net, and ask them to do something about it.

IP 199.243.199.50 could be reported to abuse@bellnexxia.net.

IP 164.77.41.251 is in Chile.  According to whois.lacnic.net, the
contact person is enteladminip@entelchile.net.

IP 200.74.172.194 is also in Chile.  Contact is networks@manquehue.net.

Three of the four IPs responded to a ping.

Fred
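
Added example, not part of any post in this thread: one way to check a log like the one above for whether any attempt succeeded, and to see which guessed names are real accounts. The sample lines are constructed in the same syslog format with documentation-range addresses; the "Accepted ..." lines follow the usual OpenSSH wording, which the posted listing does not show, and the function names are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample (not the poster's data). Long records are wrapped the way
# the posted listing is, to exercise the re-joining step.
SAMPLE = """\
Apr 10 07:21:46 host sshd[5778]: Invalid user ssh from 203.0.113.7
Apr 10 07:21:46 host sshd[5778]: Failed password for invalid user
ssh from 203.0.113.7 port 33623 ssh2
Apr 10 07:22:14 host sshd[5801]: Failed password for sshd from
203.0.113.7 port 40032 ssh2
Apr 10 07:22:22 host sshd[5813]: Failed password for daemon from
203.0.113.7 port 42494 ssh2
Apr 10 08:02:10 host sshd[5901]: Failed password for invalid user
test from 198.51.100.23 port 50111 ssh2
Apr 10 08:02:31 host sshd[5907]: Accepted password for alice from
198.51.100.23 port 50140 ssh2
Apr 10 09:10:45 host sshd[5950]: Accepted publickey for alice from
192.0.2.10 port 51000 ssh2
"""

STAMP = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d ")
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (invalid user )?(\S+) from (\S+) port \d+")
ACCEPTED = re.compile(r"sshd\[\d+\]: Accepted (\S+) for (\S+) from (\S+) port \d+")


def unwrap(text):
    """Join wrapped records: a line without a syslog timestamp continues the
    previous record."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if STAMP.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records


def summarise(text):
    """Per-source failure counts, which guessed names exist on the host, and
    any accepted login from an address that also produced failures."""
    failures = defaultdict(lambda: {"attempts": 0, "invalid": set(), "existing": set()})
    accepted = []
    for record in unwrap(text):
        m = FAILED.search(record)
        if m:
            invalid, user, ip = m.groups()
            failures[ip]["attempts"] += 1
            # sshd adds "invalid user" when it does not recognise or allow the
            # account, so a name without it is a real account on this host.
            failures[ip]["invalid" if invalid else "existing"].add(user)
            continue
        m = ACCEPTED.search(record)
        if m:
            method, user, ip = m.groups()
            accepted.append({"user": user, "ip": ip, "method": method})
    report = {ip: {"attempts": f["attempts"], "invalid": sorted(f["invalid"]),
                   "existing": sorted(f["existing"])} for ip, f in failures.items()}
    # An accepted login from a source that was also guessing is the one to investigate.
    suspicious = [a for a in accepted if a["ip"] in failures]
    return {"failures": report, "suspicious": suspicious}


if __name__ == "__main__":
    result = summarise(SAMPLE)
    for ip, info in result["failures"].items():
        print(ip, info)
    print("accepted after failures:", result["suspicious"])
```
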
Barry Margolin - 11 Apr 2008 22:09 GMT
> > Here is a partial listing from the secure log:
> >
[quoted text clipped - 21 lines]
>
> Three of the four IPs responded to a ping.

The machines are most likely members of botnets, they don't belong to
the hackers who are actually scanning you.  The ISPs might notify the
owners that their machines are infected and being used as zombies, but I
wouldn't count on it.

Signature

Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

Kevin McMurtrie - 12 Apr 2008 07:29 GMT
Learn how to use whois to look up the address owners.

whois -h whois.arin.net 216.193.250.180

OrgName:    Mzima Networks, Inc.
OrgID:      MZIMAN-1
Address:    707 Wilshire Blvd.
Address:    Suite 4737
City:       Los Angeles
StateProv:  CA
PostalCode: 90017
Country:    US

NetRange:   216.193.192.0 - 216.193.255.255
CIDR:       216.193.192.0/18
OriginAS:   AS25973
NetName:    NETBLK-MZIMA-02
NetHandle:  NET-216-193-192-0-1
Parent:     NET-216-0-0-0-0
NetType:    Direct Allocation
NameServer: NS1.LAX01.MZIMA.NET
NameServer: NS2.LAX01.MZIMA.NET
NameServer: NS1.IAD01.MZIMA.NET
Comment:    ********************************************
Comment:    ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Comment:    ********************************************
RegDate:    2003-09-10
Updated:    2007-07-11

RAbuseHandle: MAD53-ARIN
RAbuseName:   Mzima Abuse Department
RAbusePhone:  +1-213-426-6509
RAbuseEmail:  abuse@mzima.net

RNOCHandle: NETWO19-ARIN
RNOCName:   Network Operations
RNOCPhone:  +1-888-446-9462
RNOCEmail:  netops@mzima.net

RTechHandle: NETWO19-ARIN
RTechName:   Network Operations
RTechPhone:  +1-888-446-9462
RTechEmail:  netops@mzima.net

OrgAbuseHandle: MAD53-ARIN
OrgAbuseName:   Mzima Abuse Department
OrgAbusePhone:  +1-213-426-6509
OrgAbuseEmail:  abuse@mzima.net

OrgNOCHandle: NETWO19-ARIN
OrgNOCName:   Network Operations
OrgNOCPhone:  +1-888-446-9462
OrgNOCEmail:  netops@mzima.net

OrgTechHandle: NETWO19-ARIN
OrgTechName:   Network Operations
OrgTechPhone:  +1-888-446-9462
OrgTechEmail:  netops@mzima.net

# ARIN WHOIS database, last updated 2008-04-11 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

Soon you'll learn who has control of their customers and who needs
firewalling.  My experience with Mzima has been bad because their
customer Lunarpages seems to offer bulletproof spammer hosting on
occasion.

Anything involving China, Korea, Spain, Taiwan, Italy, Argentina, Egypt,
Romania, Turkey, Google, or MCI's old criminal cluster at 63.64.0.0/10
is probably best firewalled.  The abuse address will probably bounce.

Signature

Block Google's spam and enjoy Usenet again.
Reply with Google and I won't hear from you.

 