Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Subscribe to our newsletter

Advertise on LowEndTalk.com

Latest LowEndBox Offers

    Would you send an abuse report to russian domestic ISPs?
    New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

    Would you send an abuse report to russian domestic ISPs?

    I've received different types of attacks (some random and some others with a clear target) to different network layers and luckily I've been always able to handle them. I usually try to collect as much information as possible from the logs and prepare a report for the ISPs so they can take care of the attacking server properly.

    Lately however I've been experimenting some serious flood (think of bruteforcing website credentials) from a large bunch of russian IPs. I've checked them and they all appear to be domestic, so most likely infected computers using different providers. So my question is, would you send an abuse report to the domestic ISPs, or do you think it's just a waste of time (bearing in mind they're in Russia and the default policy is pretty much laissez-faire)?

    Comments

    • Save your bandwidth.

      I pretty much get attack from India, China and Russia all the time, not to mention amazon ec2 ip ranges.

      EC2 required you to supply full contact information just to look at your complaint.

      Waste of time to deal with such corps and countries.

      Thanked by 1geekalot

      Go give Vultr(referral) a try. | GNU/Linux http://debian.org

    • deployvmdeployvm Member, Provider

      @outime said:

      >

      Would you mind telling me specifically what ISPs in Russia? The acknowledgement of your report depends on what email you use and who you reach.

      If the computers are zombies or victims, then there is not much point to send an abuse report. You should only spend your time reporting coordinated attacks.

    • deployvm said: Would you mind telling me specifically what ISPs in Russia? The acknowledgement of your report depends on what email you use and who you reach.

      I cannot give you the information at this very moment but from my head I can remember ErTelekom and Flex for example (might be mixing info though).

      If the computers are zombies or victims, then there is not much point to send an abuse report. You should only spend your time reporting coordinated attacks.

      I'm pretty sure they're infected computers that are being used for a coordinated attack.

    • deployvmdeployvm Member, Provider
      edited August 2015

      @outime said:

      >
      >

      I have not dealt with ER-Telecom before, so I'm not aware of their handling policies. I'm aware of Transtelecom and Rostelecom.

      Basically, you should send your report in Russian. Please include necessary data to support your claim. There is a strong preference for business communication in Russian.

      Thanked by 1outime
    • XIAOSpider97XIAOSpider97 Member, Provider

      @GM2015 said:
      I pretty much get attack from India, China and Russia all the time, not to mention amazon ec2 ip ranges.

      There are no way to send abuse report to Chinese ISPs, and some DCs are loosely controlled (e.g. CT Zhenjiang DC, JS, 222.186.x.x) so spammers can live in there.

      Pump Cloud has been sold on Sep 1 2018.

    • @outime care to PM me a few of those IPs? I'd like to see if my bad / proxy IP detection catches it.

    • In Russia and maybe partly china, this is national defense, fighting the big bad americans and their nazi puppet regimes.

      Thanked by 1geekalot

      Extremist conservative user, I wish to preserve human and civil rights, free speech, freedom of the press and worship, rule of law, democracy, peace and prosperity, social mobility, etc. Now you can draw your guns.

    • If it's the type of badware traffic generated by infected residential customer's PCs it's usually not worth to send abuse reports. The ISP usually can't do anything about it anyway. Besides most of the largest residential ISPs probably already have full netflow monitoring, so if they care about these things - they already know about the bad traffic and will take measures.

      On the other hand if it's a server provider / data center - yes, it's better to send abuse report.

      -

    • @black said:
      outime care to PM me a few of those IPs? I'd like to see if my bad / proxy IP detection catches it.

      You got 'em.

    • outime said: You got 'em.

      Thanks!

    • No. It's like dealing with Aldryic or one of my colleagues.

      Different.

    • i have dealt with a russian isp before today and they where surprisingly helpful. providing you can translate it clearly to russian.

      I AM BACK :)
      Working Windows Server 2012 R2 on 6GB! Beat that!

    • I would say it is a waste of time to send abuse reports of any kind.

      (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

      ヽ(`Д´)ノ Everyone should run Tor on their idle servers.

    • WilliamWilliam Member, Provider

      In English? 50:50. Some will act, most will not respond even if they act.

      In Russian? Chances are higher, especially if you send annoying follow up emails all few days.

    • GM2015 said: I pretty much get attack from India, China and Russia all the time

      Ah.. yea well known bunch of bad guys around Internet.. :D Everyone else just kids..

      Yes, I can boogie

    • GM2015 said: EC2 required you to supply full contact information just to look at your complaint.

      What? I didn't have too.

    Sign In or Register to comment.