Ryan, Thanks but like I said these devices are in moving vehicles ok? I stated we have a plan but it is ways out. FACT: we have a known malicious C&C FACT: We know what networks it is hitting and the cellular network is the most vulnerable, imo. FACT: this IP is against Verizon terms of service so the way to address it is to report it to them as they request.
I honestly got what I needed from this thread, thanks. And I thank the nonbullies that helped me off list. -- Thank You, Joe On Thu, Feb 4, 2021 at 5:11 PM Ryan Hamel <administra...@rkhtech.org> wrote: > Joe, > > > > It isn’t on Verizon to setup a firewall, especially if you have a direct > public IP service. The device being attached directly to the Internet (no > matter the transmission medium), must be able to protect itself. ISPs > provide routers which function as a NAT/Firewall appliance, to provide a > means of safety and convenience for them, but also charge you a rental fee. > > > > Stick a Cradlepoint router or something in front of your device, if you > want an external means of protection. Otherwise you’ll need to enable the > Windows Firewall if it’s a Windows system, or setup iptables on Linux, > ipfw/pf on *BSD, etc. > > > > Ryan > > > > *From:* JoeSox <joe...@gmail.com> > *Sent:* Thursday, February 4, 2021 5:04 PM > *To:* r...@rkhtech.org > *Cc:* TJ Trout <t...@pcguys.us>; NANOG <nanog@nanog.org> > *Subject:* Re: Suspicious IP reporting > > > > How do I setup a firewall when I am not a Verizon engineer? > > There is a firewall via the antivirus and operating system but that's it. > > Do you not understand my issue? I thought that is the real problem with > the online bullies in this thread. > > -- > > Thank You, > > Joe > > > > > > On Thu, Feb 4, 2021 at 5:01 PM Ryan Hamel <administra...@rkhtech.org> > wrote: > > Joe, > > > > The underlying premise here is, “pick your battles”. If you don’t want an > IP address to access your device in anyway, setup a firewall and properly > configure it to accept whitelisted traffic only, or just expose a VPN > endpoint. The Internet is full of both good and bad actors that probe and > scan anything and everything. > > > > While some appreciate the notification here, others will find it annoying. > We cannot report anything malicious about an IP address on the Internet, > unless it does harm to us specifically, otherwise it is false reporting and > does create more noise at the ISP, and waste more time getting to the > underlying issue. > > > > Ryan > > > > *From:* NANOG <nanog-bounces+ryan=rkhtech....@nanog.org> *On Behalf Of * > JoeSox > *Sent:* Thursday, February 4, 2021 4:41 PM > *To:* TJ Trout <t...@pcguys.us> > *Cc:* NANOG <nanog@nanog.org> > *Subject:* Re: Suspicious IP reporting > > > > Do others see this online bully started by Tom? The leader has spoken so > the minions follow :) > > This list sometimes LOL > > I think if everyone gets off their high horse, the list communication > would be less noisy for the list veterans. > > -- > > Thank You, > > Joe > > > > > > On Thu, Feb 4, 2021 at 4:36 PM TJ Trout <t...@pcguys.us> wrote: > > This seems like a highly suspect request coming from a North American > network operator...? > > > > > > On Thu, Feb 4, 2021 at 10:23 AM JoeSox <joe...@gmail.com> wrote: > > > > This IP is hitting devices on cellular networks for the past day or so. > > https://www.abuseipdb.com/whois/79.124.62.86 > > I think this is the info to report it to the ISP. Any help or if everyone > can report it, I would be a happy camper. > > > > ab...@4cloud.mobi; ab...@fiberinternet.bg > > > > https://en.asytech.cn/check-ip/79.124.62.25#gsc.tab=0 > > > > -- > > Thank You, > > Joe > >
