Results 251 to 267 of 267
-
06-19-2016, 03:19 PM #251Web Hosting Master
- Join Date
- Apr 2011
- Location
- Cybertron
- Posts
- 10,484
Correct...but not the case here for this this reason....
If they're home to scammers and spammers and making money of such, they have no reason to care. Caring for them would mean to wipe out possibly a good portion of their customers, and do things the honest way. That would possibly including firing staff who knew of what's happening, or having to fire them anyways from the reduction of profit. Even if they suddenly became good...how many people would go back and unblock their IP's?
There's tons of companies who fit in these shoes, and even when caught, will not admit to any wrong doing....throw some money at the situation to keep it quiet, and just continue their actions.
-
06-19-2016, 04:12 PM #252Web Hosting Master
- Join Date
- Feb 2007
- Posts
- 3,666
ReliableSite.Net LLC - Offering Enterprise Grade Dedicated Servers Since 2006 [New York City metro / Miami, FL / Los Angeles, CA]
Customers are our #1 priority - Read Our Reviews
Need epic pricing on 1G and 10G unmetered? We have amazing deals and a 10 minute setup time! Click here to view incredible deals.
-
06-19-2016, 04:26 PM #253Web Hosting Master
- Join Date
- Apr 2011
- Location
- Cybertron
- Posts
- 10,484
Maybe I have, maybe I haven't. The point...these companies have left a bad taste in many people mouths...and has been mentioned on many forums for years.
Take Go Paddy as a perfect example. A train wreck forever. I left them years ago even though it was only for domains. In the last few months some members have said that things have improved. Great for new customers. Myself...never touching them again no matter how much they're improved. I'm not the only one to have such thoughts.
All I'm saying...the host has issues and customers of that hosts are both to blame, so it's not as easy as some make it out to be.
-
06-19-2016, 04:28 PM #254Web Hosting Master
- Join Date
- Feb 2007
- Posts
- 3,666
ReliableSite.Net LLC - Offering Enterprise Grade Dedicated Servers Since 2006 [New York City metro / Miami, FL / Los Angeles, CA]
Customers are our #1 priority - Read Our Reviews
Need epic pricing on 1G and 10G unmetered? We have amazing deals and a 10 minute setup time! Click here to view incredible deals.
-
06-19-2016, 07:35 PM #255Greece
- Join Date
- Jan 2004
- Location
- Greece
- Posts
- 2,211
-
04-25-2017, 07:19 PM #256Newbie
- Join Date
- Oct 2009
- Location
- Pearland, TX
- Posts
- 15
I block them too. Way too much form spam, wp-login requests, SQL injection, checking for the existence of common frameworks PHPmyadmin, fckeditor, word press, admins, ect... Finally after blocking enough IPs, I had enough, and wrote a script that would extract all their networks from ARIN and add them to my firewall. Thus far no complaints from my users, and no affect to my legit traffic patterns. I have done the same thing with b2NET and OVH hosting as well. Seems there is a handful of data centers that habor these guys. Its much easier to use the nuclear option, than it is to extract logs with proof of their behaviors and email them to their abuse department.
-
04-26-2017, 04:42 PM #257Aspiring Evangelist
- Join Date
- Aug 2013
- Posts
- 364
-
04-26-2017, 05:13 PM #258Poooooonnyyy :*
- Join Date
- Jan 2003
- Location
- Canada
- Posts
- 5,073
BuyVM - OpenVZ & KVM Based VPS Servers - Chat with us
- All popular VPN methods supported
- Affordable offloaded MySQL & DDoS protection
- 5GB backup space, unmetered private LAN bandwidth & native IPv6 included. All with a strong serving of pony
-
04-26-2017, 05:29 PM #259Web Hosting Master
- Join Date
- Mar 2012
- Posts
- 1,421
CC has a decent network. I personally don't have issues with them. I use many providers including CC, for work and for hobby and I receive more spam and botting bruteforce from other well known networks than from CC.
You would be amazed by how many trash you receive from other networks.
-
04-26-2017, 07:07 PM #260Junior Guru Wannabe
- Join Date
- Sep 2012
- Location
- London, UK
- Posts
- 77
My first reaction would be - Defense!
Is the software on your server man enough to stand upto what this IP range is throwing at you?
Are the servers hardened enough to cope with the load generated by these scripts?
Do you have a proactive monitoring process, which needs to technically spams offenders uplink providers abuse channels, with an autopsy of every incident.
If you do block IP ranges, legit customers using VPN or cross-platform scripts will get mooted, and there will always be another bot or script kiddie in another DC prowling over your IP address.
Edit: Obviously, if this is a private server, try block all and whitelist your ISP IP range. However if this is a public server, only block real brute force offenders, using an automated firewall.
Don't get caught up in chasing the bad guy.Last edited by Nationhost-Chris; 04-26-2017 at 07:10 PM. Reason: Add Clarity
Nationhost.co.uk - Server Solutions
Web: www.nationhost.co.uk
-
12-09-2019, 10:32 AM #261New Member
- Join Date
- Dec 2019
- Posts
- 1
Hate to necro...
It seems that even years after this long thread was started, colocrossing is still one the biggest hosts of malicious users. Our company has had to block thousands of colocrossing IPs for for constantly attempting to brute force logins, word press hack scanning (we don't use WordPress), SQL injection attacks, spam-bot account creation, etc.
I totally agree that blocking everything out of colocrossing is the answer. If there legit users (if any) cannot access us due to the blocks then hopefully they will realize they are using a malicious provider, speak with their wallets, and move to a provider that doesn't allow such parasitic behavior.
Just few of the most recent offenders:
107-175-151-30-host.colocrossing.com
107-172-35-148-host.colocrossing.com
107-172-139-81-host.colocrossing.com
23-94-146-157-host.colocrossing.com
107-175-129-219-host.colocrossing.com
107-172-170-141-host.colocrossing.com
23-95-97-134-host.colocrossing.com
107-173-204-156-host.colocrossing.com
Thank you to the users who have posted the IP ranges for colocrossing. Our servers will run cooler and the world will be a greener place due to the energy saved by dropping colocrossing into the blackhole it deserves.
Best regards,
Yes another colocrossing black-lister.
-
12-10-2019, 04:23 PM #262Aspiring Evangelist
- Join Date
- Dec 2009
- Location
- New Zealand
- Posts
- 438
as the original OP of this thread I must say that I recently acquired a new server and before it really set it up and hardened I was inundated with crap from Colocrossing and Digital Ocean .....and hundreds of Indian IP's. China is/was already blocked. Looks like nothing has changed at Colocrossing! this time I'm blocking their AS36352 ... see how that goes.
-
12-10-2019, 04:30 PM #263Web Hosting Master
- Join Date
- Dec 2001
- Location
- Toronto, Ontario, Canada
- Posts
- 6,896
Just out of curiosity, how are you blocking the ASN? Do you have an IPtables extension for it or something? I know a lot of people auto-feed in ranges, but there's gotta be something AS based that's more clean (that I'm just not aware/familiar of), as it only makes sense...
Myles Loosley-Millman - admin@prioritycolo.com
Priority Colo Inc. - Affordable Colocation & Dedicated Servers.
Two Canadian facilities serving Toronto & Markham, Ontario
http://www.prioritycolo.com
-
12-10-2019, 04:36 PM #264Aspiring Evangelist
- Join Date
- Dec 2009
- Location
- New Zealand
- Posts
- 438
-
12-10-2019, 05:07 PM #265Web Hosting Master
- Join Date
- Dec 2001
- Location
- Toronto, Ontario, Canada
- Posts
- 6,896
Ah darn, we use primarily IPtables for most of the magic, and I'm not keen on introducing more into the live environment. We use the ratelimit options to deal with repeated connects, and cphulk to try and deal with the botnets, but obviously some stuff slips through, eventually I have to remind myself that often getting 75% of garbage dropped is good enough, as it's a numbers game, and shooting for 100% is most likely to cause false positives/not have any meaningful return (aside from the satisfaction of giving the attackers the proverbial middle finger).
Myles Loosley-Millman - admin@prioritycolo.com
Priority Colo Inc. - Affordable Colocation & Dedicated Servers.
Two Canadian facilities serving Toronto & Markham, Ontario
http://www.prioritycolo.com
-
12-10-2019, 05:21 PM #266Knowledge is all
- Join Date
- Jul 2005
- Location
- here, there, where?
- Posts
- 4,100
CSF likely just gets the IPs from the ASN in one manner or other and adds the IPs to the blocklist. So you could replicate this behavior with a shell script that gets the IPs from the ASN and adds to iptables .
-Steven | Cooini, LLC
"It is the mark of an educated mind to be able to entertain a thought without accepting it" -Aristotle
-
12-10-2019, 05:30 PM #267Web Hosting Master
- Join Date
- Dec 2001
- Location
- Toronto, Ontario, Canada
- Posts
- 6,896
Yeah I saw a few shell scripts out there doing basically that, it's a shame nobody's written a module for iptables to do it in real time, maybe it's just too resource intensive to effectively have a routing table in play at the same time when you look at the nitty/gritty.
Myles Loosley-Millman - admin@prioritycolo.com
Priority Colo Inc. - Affordable Colocation & Dedicated Servers.
Two Canadian facilities serving Toronto & Markham, Ontario
http://www.prioritycolo.com
Similar Threads
-
Blocking ip ranges from certian countrys
By mrgeekchris in forum Fraud and AbuseReplies: 2Last Post: 01-07-2012, 06:34 PM -
LiquidWeb blocking IP ranges?
By Esau in forum Providers and Network Outages and UpdatesReplies: 0Last Post: 12-15-2009, 03:00 PM -
Is blocking email from dynamic IP ranges a good idea?
By ewhost in forum Dedicated ServerReplies: 0Last Post: 11-08-2006, 10:35 PM -
Blocking Fraud-Likely IP Ranges
By Dan Grossman in forum Ecommerce Hosting & DiscussionReplies: 5Last Post: 08-30-2004, 11:56 PM -
Blocking IP ranges from countries, help required
By silock in forum Other Offers & RequestsReplies: 0Last Post: 08-15-2004, 09:15 PM