All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Would you send an abuse report to russian domestic ISPs?
I've received different types of attacks (some random and some others with a clear target) to different network layers and luckily I've been always able to handle them. I usually try to collect as much information as possible from the logs and prepare a report for the ISPs so they can take care of the attacking server properly.
Lately however I've been experimenting some serious flood (think of bruteforcing website credentials) from a large bunch of russian IPs. I've checked them and they all appear to be domestic, so most likely infected computers using different providers. So my question is, would you send an abuse report to the domestic ISPs, or do you think it's just a waste of time (bearing in mind they're in Russia and the default policy is pretty much laissez-faire)?
Comments
Save your bandwidth.
I pretty much get attack from India, China and Russia all the time, not to mention amazon ec2 ip ranges.
EC2 required you to supply full contact information just to look at your complaint.
Waste of time to deal with such corps and countries.
>
Would you mind telling me specifically what ISPs in Russia? The acknowledgement of your report depends on what email you use and who you reach.
If the computers are zombies or victims, then there is not much point to send an abuse report. You should only spend your time reporting coordinated attacks.
I cannot give you the information at this very moment but from my head I can remember ErTelekom and Flex for example (might be mixing info though).
I'm pretty sure they're infected computers that are being used for a coordinated attack.
>
>
I have not dealt with ER-Telecom before, so I'm not aware of their handling policies. I'm aware of Transtelecom and Rostelecom.
Basically, you should send your report in Russian. Please include necessary data to support your claim. There is a strong preference for business communication in Russian.
There are no way to send abuse report to Chinese ISPs, and some DCs are loosely controlled (e.g. CT Zhenjiang DC, JS, 222.186.x.x) so spammers can live in there.
@outime care to PM me a few of those IPs? I'd like to see if my bad / proxy IP detection catches it.
In Russia and maybe partly china, this is national defense, fighting the big bad americans and their nazi puppet regimes.
If it's the type of badware traffic generated by infected residential customer's PCs it's usually not worth to send abuse reports. The ISP usually can't do anything about it anyway. Besides most of the largest residential ISPs probably already have full netflow monitoring, so if they care about these things - they already know about the bad traffic and will take measures.
On the other hand if it's a server provider / data center - yes, it's better to send abuse report.
You got 'em.
Thanks!
No. It's like dealing with Aldryic or one of my colleagues.
i have dealt with a russian isp before today and they where surprisingly helpful. providing you can translate it clearly to russian.
I would say it is a waste of time to send abuse reports of any kind.
In English? 50:50. Some will act, most will not respond even if they act.
In Russian? Chances are higher, especially if you send annoying follow up emails all few days.
Ah.. yea well known bunch of bad guys around Internet.. Everyone else just kids..
What? I didn't have too.