Jean, That is fine. I don't understand why the ignorance. Its one flipping email and people can reply to me without adding the list. Is this really a necessary conversation? It has only blown up BECAUSE of Tom's comments. That is great he is a big shot and contributes, that is great to hear. I am not expereicncing the same type of onlist behavior.
Listen, I have devices on a cell network with only a few layers of security (of course there is a plan to increase the security on those devices but this is a complicated and highly regulated environment). Someone contacted me off list telling me they beleive the IP is a command and control server. Cell networks like Verizon has a process to report these IPs, now I am not educated in how the cellular network deal with that, that is where my "ignorance" if you would like to call it that, comes in. I see no issue asking other network admins to report it and fail to understand why this particular issue is bad. If there is a FEAR that everyone and their grandmother starts asking the onlist community to report IP addresses, I think that is an an unnecessary fear. What has turned into "noise" that Tom feared so much has been his doing not mine. On Thu, Feb 4, 2021 at 4:22 PM Jean St-Laurent <j...@ddostest.me> wrote: > I do not know Tom personally, but I’ve been following his comments, > hindsight and shared experience. Tom seems to be a bigger player than you > on this mailing list. > > > > Joe, you are only penalizing yourself by banning him. I would personally > not ban him. > > > > J > > > > *From:* Jean St-Laurent <j...@ddostest.me> > *Sent:* February 4, 2021 6:28 PM > *To:* 'JoeSox' <joe...@gmail.com>; 'Tom Beecher' <beec...@beecher.cc> > *Cc:* 'NANOG' <nanog@nanog.org> > *Subject:* RE: Suspicious IP reporting > > > > So what? I’ve scanned the internet more than 100’ times on all > ports/protocols than you can imagine with zmap and many other shabby tools. > > > > I agree with Tom that these absue reports are totally useless and create > so much noise that it feels like crying wolf. > > Network operator are trained to absorb and protect against that. > > > > Are you aware of the 4D rules? > > Dether > > Denied > > Detect > > Delay > > > > Unless that you are a real threat to a nation… good luck. > > > > There is a new submarine link that connect America with Europe. It is said > to be 250 Tbps. > > > https://cloud.google.com/blog/products/infrastructure/googles-dunant-subsea-cable-is-now-ready-for-service > > > > Kill this link and I guess the industry will listen to you. > > > > Good luck with your ip in China. > > > > Jean St-Laurent > > > > > > *From:* NANOG <nanog-bounces+jean=ddostest...@nanog.org> *On Behalf Of * > JoeSox > *Sent:* February 4, 2021 6:06 PM > *To:* Tom Beecher <beec...@beecher.cc> > *Cc:* NANOG <nanog@nanog.org> > *Subject:* Re: Suspicious IP reporting > > > > Tom, > > Others are seeing it as I provided the website that shows others are > seeing it. > > https://www.abuseipdb.com/check/79.124.62.86 > > I think it is pretty poor form to be ignorant. > > > > Congrats you have been banned from my gmail account straight to the > deleted. > > > > > > On Thu, Feb 4, 2021 at 1:12 PM Tom Beecher <beec...@beecher.cc> wrote: > > I think it's pretty poor form to ask people to report an IP for doing > something they are not seeing themselves, and may not even be abuse. What > does "hitting devices" mean? Pings? SNMP? > > > > This sort of thing contributes to abuse reponses being poor; lots of > noise, not much signal. > > > > On Thu, Feb 4, 2021 at 1:22 PM JoeSox <joe...@gmail.com> wrote: > > > > This IP is hitting devices on cellular networks for the past day or so. > > https://www.abuseipdb.com/whois/79.124.62.86 > > I think this is the info to report it to the ISP. Any help or if everyone > can report it, I would be a happy camper. > > > > ab...@4cloud.mobi; ab...@fiberinternet.bg > > > > https://en.asytech.cn/check-ip/79.124.62.25#gsc.tab=0 > > > > -- > > Thank You, > > Joe > >