Tag: security risk

greencloudvps.com: Research, Ban

10gbpsnl.greencloudvps.com hit my site looking for security weaknesses, so I thought it wise to research them and send them packing. They are a VPS, so I’ll never find the actual intruder.

They are spotty, so I will start small and work my way up.

Observed:
10gbpsnl.greencloudvps.com 93.158.215.90 93.158.215.0 – 93.158.215.255 SERVERIUS NL
mnt-by:
10gbpsnl.greencloudvps.com 93.158.215.92

Research:
lgvn.greencloudvps.com 66.249.69.189

kvmla2.greencloudvps.com 92.210.165.94
lgnl.greencloudvps.com 93.158.203.162

lgnv.Greencloudvps.com 104.194.14.71
104.223.6.19.static.greencloudvps.com 104.223.6.19

107.161.93.161.static.greencloudvps.com 107.161.93.161

lgaz.greencloudvps.com 148.163.90.3

kvmla2.greencloudvps.com 192.210.165.97
kvmla2.greencloudvps.com 192.210.165.96

198.55.115.24.static.greencloudvps.com 198.55.115.24
198.55.115.58.static.greencloudvps.com 198.55.115.58

hukot.net Tor Exit: Research, Ban

108-36.hukot.net seems to be a Tor exit server. While I am all for the philosophy of net privacy, these Tor servers more often than not are used to content spam me. As a result I ban almost all of them. It is human nature, I suppose, to take something that should be beneficial and, using selfish and personal reasons, turn it to a tool of the bad.

Oh well, who am I to judge. This is my site, I ban content spammers, and I therefore also ban Tor content spammers, exit or not.

hukot.net seems to be an ISP from the Czech Republic.

ubernet.com.bd: Research, Ban

host-64-166-83.ubernet.com.bd was testing my security, so I thought I would out them. ubernet.com.bd is an IP telephone and ISP, out of Bangledesh.

Pattern:
This guy seems to have an older and a newer pattern. The older pattern starts with 220.47 and then appends the last 2 octets of the host name. The newer pattern starts with 45 and appends the last 3 octets of the host name.

Research:
host-161-148.ubernet.com.bd 220.247.161.148 220.247.160.0 – 220.247.167.255 220.247.160.0/21
host-162-202.ubernet.com.bd 220.247.162.202
host-162-238.ubernet.com.bd 220.247.162.238
host-162-58.ubernet.com.bd 220.247.162.58
host-162-55.ubernet.com.bd 220.247.162.55
host-162-173.ubernet.com.bd 220.247.162.173