[nsp-sec] Spam attack against pike.stonelake.fi (1927 ASNs)
Kinnari Johanna
Johanna.Kinnari at ficora.fi
Fri Feb 1 08:50:09 EST 2008
Hi,
Since Jan 23 pike.stonelake.fi (217.112.241.160) has been under a
DDoS-like of spam attack. You can find the list of hosts attached.
Timestamps are in EET (GMT+2) timezone.
The IP address(es) mentioned have been found to be a source for email
messages directed to either one of these bogus addresses:
urethroscope at elonmerkki.net
kinship at elonmerkki.net
The messages have been blocked at the destination host (the MX for
elonmerkki.net):
pike.stonelake.fi (217.112.241.160)
It's interersting that some of the spam messages have been sent thru
Finnish ISP's legitimate SMTP servers. It's common for Finnish ISP's to
block outbound connections to port 25 of other than their own servers.
Regards,
Johanna
CERT-FI
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Spam_source.txt
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20080201/8d4074b7/attachment-0001.txt>
More information about the nsp-security
mailing list