Let's assume that I submitted an abuse report on your behalf. I'm not going to do it on behalf of my company; I'm not seeing this issue. So I'd have to do it in a personal capacity.
Who do I report it to? Let's say my ISP is Charter, and my cell provider is AT&T. Reporting to either one would not provide you any benefit, since you are seeing the suspect traffic to you via Verizon. Let's assume I file the reports anyways. What do I say? I haven't seen the traffic in question, so I have no idea what it is. I can't provide any specifics in my abuse report that would be helpful. I'm certainly not going to just copypasta some information from abusedbip; I can't speak to the accuracy of anything there. Finally, I'm just another guy on the list, nobody special. I certainly don't feel that there was any bullying involved on my part or others, but I won't comment further; the intensity of your reaction would lead me to believe it would be unproductive. Best of luck in addressing your issues. On Thu, Feb 4, 2021 at 8:17 PM JoeSox <joe...@gmail.com> wrote: > Ryan, > Thanks but like I said these devices are in moving vehicles ok? > I stated we have a plan but it is ways out. > FACT: we have a known malicious C&C > FACT: We know what networks it is hitting and the cellular network is the > most vulnerable, imo. > FACT: this IP is against Verizon terms of service so the way to address it > is to report it to them as they request. > > I honestly got what I needed from this thread, thanks. And I thank the > nonbullies that helped me off list. > -- > Thank You, > Joe > > > On Thu, Feb 4, 2021 at 5:11 PM Ryan Hamel <administra...@rkhtech.org> > wrote: > >> Joe, >> >> >> >> It isn’t on Verizon to setup a firewall, especially if you have a direct >> public IP service. The device being attached directly to the Internet (no >> matter the transmission medium), must be able to protect itself. ISPs >> provide routers which function as a NAT/Firewall appliance, to provide a >> means of safety and convenience for them, but also charge you a rental fee. >> >> >> >> Stick a Cradlepoint router or something in front of your device, if you >> want an external means of protection. Otherwise you’ll need to enable the >> Windows Firewall if it’s a Windows system, or setup iptables on Linux, >> ipfw/pf on *BSD, etc. >> >> >> >> Ryan >> >> >> >> *From:* JoeSox <joe...@gmail.com> >> *Sent:* Thursday, February 4, 2021 5:04 PM >> *To:* r...@rkhtech.org >> *Cc:* TJ Trout <t...@pcguys.us>; NANOG <nanog@nanog.org> >> *Subject:* Re: Suspicious IP reporting >> >> >> >> How do I setup a firewall when I am not a Verizon engineer? >> >> There is a firewall via the antivirus and operating system but that's it. >> >> Do you not understand my issue? I thought that is the real problem with >> the online bullies in this thread. >> >> -- >> >> Thank You, >> >> Joe >> >> >> >> >> >> On Thu, Feb 4, 2021 at 5:01 PM Ryan Hamel <administra...@rkhtech.org> >> wrote: >> >> Joe, >> >> >> >> The underlying premise here is, “pick your battles”. If you don’t want an >> IP address to access your device in anyway, setup a firewall and properly >> configure it to accept whitelisted traffic only, or just expose a VPN >> endpoint. The Internet is full of both good and bad actors that probe and >> scan anything and everything. >> >> >> >> While some appreciate the notification here, others will find it >> annoying. We cannot report anything malicious about an IP address on the >> Internet, unless it does harm to us specifically, otherwise it is false >> reporting and does create more noise at the ISP, and waste more time >> getting to the underlying issue. >> >> >> >> Ryan >> >> >> >> *From:* NANOG <nanog-bounces+ryan=rkhtech....@nanog.org> *On Behalf Of * >> JoeSox >> *Sent:* Thursday, February 4, 2021 4:41 PM >> *To:* TJ Trout <t...@pcguys.us> >> *Cc:* NANOG <nanog@nanog.org> >> *Subject:* Re: Suspicious IP reporting >> >> >> >> Do others see this online bully started by Tom? The leader has spoken so >> the minions follow :) >> >> This list sometimes LOL >> >> I think if everyone gets off their high horse, the list communication >> would be less noisy for the list veterans. >> >> -- >> >> Thank You, >> >> Joe >> >> >> >> >> >> On Thu, Feb 4, 2021 at 4:36 PM TJ Trout <t...@pcguys.us> wrote: >> >> This seems like a highly suspect request coming from a North American >> network operator...? >> >> >> >> >> >> On Thu, Feb 4, 2021 at 10:23 AM JoeSox <joe...@gmail.com> wrote: >> >> >> >> This IP is hitting devices on cellular networks for the past day or so. >> >> https://www.abuseipdb.com/whois/79.124.62.86 >> >> I think this is the info to report it to the ISP. Any help or if >> everyone can report it, I would be a happy camper. >> >> >> >> ab...@4cloud.mobi; ab...@fiberinternet.bg >> >> >> >> https://en.asytech.cn/check-ip/79.124.62.25#gsc.tab=0 >> >> >> >> -- >> >> Thank You, >> >> Joe >> >>