[nsp-sec] Hat check: GHOSTnet, Digital Energy Technologies, Colocation America Corp, etc
Sebastian Abt
sa at rh-tec.de
Mon May 9 03:15:42 EDT 2016
Damian,
> Am 05.05.2016 um 07:43 schrieb Damian Menscher <damian at google.com>:
>
> ----------- nsp-security Confidential --------
>
> We've seen a fair amount of abuse from several hosting providers... often
> using large numbers of IPs spread across the provider's space in hopes of
> getting around per-IP abuse detection. When we see this sort of thing from
> Amazon EC2, we can trust their abuse team to take action (albeit slowly).
> But for other hosting providers, the abuse is such a large fraction of
> their traffic that we sometimes suspect the provider is complicit.
> Some examples I'm curious about:
>
> AS 12586 GHOSTnet: Lots of IPs sourcing abuse, but no web presence (
> http://www.ghostnet.de/) for people to buy hosting. Strange?
I know AS 12586 and the guys running it very well and am pretty sure that they are not complicit. However, I can imagine that abuse management is rather bad over there and that they have a big bunch of bad customers.
If I can be of any help regarding AS 12586, please let me know!
Regards,
sebastian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3852 bytes
Desc: not available
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20160509/042b9750/attachment.p7s>
More information about the nsp-security
mailing list