Thread: Qwest.net probing/hack attempts
-
03-20-2011, 04:23 AM #1Aspiring Evangelist
- Join Date
- May 2007
- Posts
- 442
Qwest.net probing/hack attempts
Not sure if this is in the right spot or not, but how does one file an abuse report with qwest.net?
For months on end I've been getting hit by the same IPs on the Qwest network. I report them to abuse (at) qwest.net and clearly, nothing is getting done.
Do they have another abuse handling address?
-
03-20-2011, 04:32 AM #2Junior Guru Wannabe
- Join Date
- Mar 2011
- Location
- Romania
- Posts
- 70
You may also try domainadmin (at) qwest.com (the email they used to register the domain)
It's sometimes a good choice to write to the email the domain is registered to. That must be a functional email address. Also try their contact info on their website...
Unfortunately a lot of guys out there do not handle abuse emails.
-
03-20-2011, 04:16 PM #3Junior Guru Wannabe
- Join Date
- Jan 2011
- Posts
- 33
Since it's coming from the same IPs, I would just block them and be done with it. I had the same problem from somebody comment spamming my blog with scrapebox on server4you. I sent them an e-mail late last night (early this morning) and haven't heard anything. But instead of waiting around, I just blocked the entire IP range. The drop off in bandwidth usage was significant.
-
03-20-2011, 11:00 PM #4Aspiring Evangelist
- Join Date
- May 2007
- Posts
- 442
Already blocked. However I periodically rotate my firewall bans, which is how I keep encountering the Qwest IPs.
Odds are a lot of the offending IPs go out of commission eventually, so there's not much of a need to keep an infinite blocklist going.
-
03-20-2011, 11:04 PM #5Web Hosting Guru
- Join Date
- Feb 2011
- Posts
- 269
Qwest is up there with Verizon as one of the biggest residential DSL providers in the US.
For abuse info, check this page http://www.qwest.net/help/abuse.html
Whatever you do, don't block Qwest or Qwest's subnet, as it's possible you'll end up blocking the Midwest, or a large Midwestern city, accidentally.
The abuse address is abuse@qwest.net. It's probably a script kiddie in mom's basement.
Last edited by Question Everything; 03-20-2011 at 11:07 PM.
-
03-20-2011, 11:09 PM #6Aspiring Evangelist
- Join Date
- May 2007
- Posts
- 442
I'll try submitting something through their page and see if that works.
Something weird I noticed with this particular IP: 207.108.125.253
In Google it comes up with some "hack" result, but the whois has a non-Qwest contact, beneath the abuse (at) qwest.net entry?
OrgTechHandle: JZH6-ARIN
OrgTechName: ZHANG, JOHN
OrgTechPhone: +1-520-882-6216
OrgTechEmail: zhang (at) luzsocialservices.org
OrgTechRef: http://whois.arin.net/rest/poc/JZH6-ARIN
RAbuseHandle: JZH6-ARIN
RAbuseName: ZHANG, JOHN
RAbusePhone: +1-520-882-6216
RAbuseEmail: jzhang (at) luzsocialservices.org
RAbuseRef: http://whois.arin.net/rest/poc/JZH6-ARIN
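WHOIS output such as that quoted above can list contacts for more than one network covering the same IP. The following is an added example, not code from any poster in this thread: it parses ARIN-style WHOIS text and returns the abuse addresses for an IP, most specific network first, so a report can go to that network's contact and then be escalated upstream. The sample text is constructed with placeholder values, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample in the ARIN WHOIS text layout: an ISP allocation and a
# customer reassignment inside it. All names and addresses are placeholders.
SAMPLE_WHOIS = """\
NetRange:       192.0.2.0 - 192.0.2.255
CIDR:           192.0.2.0/24
NetName:        EXAMPLE-ISP-BLK
OrgAbuseEmail:  abuse@isp.example.net

NetRange:       192.0.2.248 - 192.0.2.255
CIDR:           192.0.2.248/29
NetName:        EXAMPLE-CUSTOMER
OrgTechEmail:   admin@customer.example.org
RAbuseEmail:    admin@customer.example.org
"""

FIELD = re.compile(r"^([A-Za-z]+):\s+(.*\S)\s*$")

def parse_networks(text):
    """Group every field under the most recent NetRange line."""
    nets = []
    for line in text.splitlines():
        m = FIELD.match(line)
        if m and m.group(1) == "NetRange":
            nets.append({})
        if m and nets:  # skips blank lines and '#' comment lines
            nets[-1].setdefault(m.group(1), []).append(m.group(2))
    return nets

def abuse_escalation(text, ip):
    """Return [(NetName, [abuse emails])] for ip, most specific network first."""
    addr = ipaddress.ip_address(ip)
    hits = []
    for net in parse_networks(text):
        cidrs = [ipaddress.ip_network(c.strip())
                 for v in net.get("CIDR", []) for c in v.split(",")]
        covering = [c.prefixlen for c in cidrs if addr in c]
        if covering:
            # Network-level contact (RAbuseEmail) ahead of the organisation's.
            emails = net.get("RAbuseEmail", []) + net.get("OrgAbuseEmail", [])
            hits.append((max(covering), net.get("NetName", ["?"])[0],
                         list(dict.fromkeys(emails))))
    hits.sort(key=lambda h: -h[0])
    return [(name, emails) for _, name, emails in hits]
```

Technical contacts (OrgTechEmail) are deliberately left out of the result; only abuse contacts are returned.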
-
03-20-2011, 11:13 PM #7Web Hosting Guru
- Join Date
- Feb 2011
- Posts
- 269
Maybe because it's a static? Qwest moves IPs a lot, so that's possible if it stays the same IP. They could also be spoofing.
-
03-21-2011, 02:58 AM #8Junior Guru Wannabe
- Join Date
- Mar 2011
- Posts
- 56
You can simply block it in the firewall if you have root access.
-
03-21-2011, 03:36 AM #9Aspiring Evangelist
- Join Date
- May 2007
- Posts
- 442
Are you trying to gain post count for something?
The first 2 posts I've read from you are regarding info that was already clarified earlier in the topic!
-
03-21-2011, 03:55 AM #10Disabled
- Join Date
- Dec 2007
- Posts
- 3,597
Difficult to say. Perhaps the number of requests they are getting does not allow your request to be answered.
If you can find out the company above them and then contact them, I suppose that might help you somehow.
-
03-21-2011, 04:12 AM #11Junior Guru Wannabe
- Join Date
- Mar 2011
- Posts
- 56
-
03-29-2011, 05:18 PM #12Aspiring Evangelist
- Join Date
- May 2007
- Posts
- 442
I managed to receive one response from their "abuse team" several days ago saying they warned the user... yet the attacks continue.
This is absolutely ridiculous. I advise anyone considering Qwest as their ISP to run in the other direction; if they allow this activity on their networks you're going to end up getting unintentionally banned by a bunch of sites who are tired of the rampant abuse by Qwest users.
-
03-29-2011, 09:42 PM #13Web Hosting Master
- Join Date
- Jan 2005
- Location
- Minneapolis, MN
- Posts
- 966
I would recommend you run because they are a DSL provider
Doyle Lewis
BuyHTTP Internet Services - In business since 2003
Business Hosting | nginx, CloudLinux, Varnish cache, and CDP with every business account
Shared, Reseller, Semi Dedicated, VPS, Cloud, Dedicated - We can grow with you
-
03-29-2011, 09:47 PM #14Web Hosting Industry Expert
- Join Date
- Dec 2007
- Location
- Indiana, USA
- Posts
- 19,199
I know that it's not the right thing to do, but the thought crossed my mind that you likely have quite a bit more bandwidth than they do - you could always "attack back" but that's not something I would condone, just a passing thought.
Beyond that, set a permanent ban in the firewall and move on with your life. I understand you may rotate your bans, but simply make sure not to rotate this rule out.
█ Michael Denney - MDDHosting.com - Proudly hosting more than 37,700 websites since 2007.
█ Ultra-Fast Cloud Shared and Pay-By-Use Reseller Hosting Powered by LiteSpeed!
█ cPanel • Free SSL • 100% Uptime SLA • 24/7 Support
█ Class-leading support that responds in minutes, not days.