Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Would you send an abuse report to russian domestic ISPs?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Would you send an abuse report to russian domestic ISPs?

I've received different types of attacks (some random and some others with a clear target) to different network layers and luckily I've been always able to handle them. I usually try to collect as much information as possible from the logs and prepare a report for the ISPs so they can take care of the attacking server properly.

Lately however I've been experimenting some serious flood (think of bruteforcing website credentials) from a large bunch of russian IPs. I've checked them and they all appear to be domestic, so most likely infected computers using different providers. So my question is, would you send an abuse report to the domestic ISPs, or do you think it's just a waste of time (bearing in mind they're in Russia and the default policy is pretty much laissez-faire)?

Comments

  • Save your bandwidth.

    I pretty much get attack from India, China and Russia all the time, not to mention amazon ec2 ip ranges.

    EC2 required you to supply full contact information just to look at your complaint.

    Waste of time to deal with such corps and countries.

    Thanked by 1geekalot
  • deployvmdeployvm Member, Host Rep

    @outime said:

    >

    Would you mind telling me specifically what ISPs in Russia? The acknowledgement of your report depends on what email you use and who you reach.

    If the computers are zombies or victims, then there is not much point to send an abuse report. You should only spend your time reporting coordinated attacks.

  • deployvm said: Would you mind telling me specifically what ISPs in Russia? The acknowledgement of your report depends on what email you use and who you reach.

    I cannot give you the information at this very moment but from my head I can remember ErTelekom and Flex for example (might be mixing info though).

    If the computers are zombies or victims, then there is not much point to send an abuse report. You should only spend your time reporting coordinated attacks.

    I'm pretty sure they're infected computers that are being used for a coordinated attack.

  • deployvmdeployvm Member, Host Rep
    edited August 2015

    @outime said:

    >
    >

    I have not dealt with ER-Telecom before, so I'm not aware of their handling policies. I'm aware of Transtelecom and Rostelecom.

    Basically, you should send your report in Russian. Please include necessary data to support your claim. There is a strong preference for business communication in Russian.

    Thanked by 1outime
  • @GM2015 said:
    I pretty much get attack from India, China and Russia all the time, not to mention amazon ec2 ip ranges.

    There are no way to send abuse report to Chinese ISPs, and some DCs are loosely controlled (e.g. CT Zhenjiang DC, JS, 222.186.x.x) so spammers can live in there.

  • @outime care to PM me a few of those IPs? I'd like to see if my bad / proxy IP detection catches it.

  • MaouniqueMaounique Host Rep, Veteran

    In Russia and maybe partly china, this is national defense, fighting the big bad americans and their nazi puppet regimes.

    Thanked by 1geekalot
  • If it's the type of badware traffic generated by infected residential customer's PCs it's usually not worth to send abuse reports. The ISP usually can't do anything about it anyway. Besides most of the largest residential ISPs probably already have full netflow monitoring, so if they care about these things - they already know about the bad traffic and will take measures.

    On the other hand if it's a server provider / data center - yes, it's better to send abuse report.

  • @black said:
    outime care to PM me a few of those IPs? I'd like to see if my bad / proxy IP detection catches it.

    You got 'em.

  • outime said: You got 'em.

    Thanks!

  • No. It's like dealing with Aldryic or one of my colleagues.

  • i have dealt with a russian isp before today and they where surprisingly helpful. providing you can translate it clearly to russian.

  • I would say it is a waste of time to send abuse reports of any kind.

  • In English? 50:50. Some will act, most will not respond even if they act.

    In Russian? Chances are higher, especially if you send annoying follow up emails all few days.

  • GM2015 said: I pretty much get attack from India, China and Russia all the time

    Ah.. yea well known bunch of bad guys around Internet.. :D Everyone else just kids..

  • GM2015 said: EC2 required you to supply full contact information just to look at your complaint.

    What? I didn't have too.

Sign In or Register to comment.