[nsp-sec] RDP scanning / brute forcing from LV
John Kristoff
jtk at depaul.edu
Sun Jul 12 13:38:59 EDT 2020
Have seen a lot of RDP scanning / brute force attempts from:
39814 | 193.93.62.0 | 193.93.62.0/24 | LV | ripencc | 2006-02-27 | ITSERV, LVAS 39814
This network only announces four other /24's so it is not a big net. It has an upstream of:
39845 | 193.93.62.0 | LV-2CLOUD-ASN16, LV
39845 is not a much bigger network. Not sure it is worth contacting at
either network. Anyone seen them on the radar before or know someone
from .lv that might make a suggestion on getting this to stop?
John
More information about the nsp-security
mailing list