[outages] NANOG
John Sage
jsage at finchhaven.com
Mon Oct 26 09:19:11 EDT 2015
On 10/26/2015 05:30 AM, Rich Kulawiec via Outages wrote:
>
> I sent a message to the NANOG mail adminstration team asking them to
> throw the "emergency moderation" flag. This is a switch inside Mailman
> (the piece of software that runs the NANOG lists) which causes all
> incoming list traffic to be held for manual approval. When stuff like
> this happens, it's a fast way to stop the bleeding.
>
> I've had no response to that and am also still (8:30 AM EDT) observing a
> steady flow of outbound spam via NANOG. Note that this is part of a much
> larger attack: so far, I've seen the same thing on about 15 other mailing
> lists. Whether all of these were launched by the same entity is unknown,
> but the patterns match quite closely, so that's certainly a possibility.
I looked at five or six to the Outages list yesterday in detail.
After the appropriate wgets and less'es those all seemed to point back to
avazunic [dot] com
which is registered in -- wait for it -- CN...
- John
--
More information about the Outages
mailing list