t a t s u k i c h i

since 2001.4.29
[52526]

年中無休不定休 00:00-24:00

お飲みもの	日本酒を各種取り揃えております
コース料理	MacOS X, unix 等の美しく確かな技をご堪能下さい
季節料理	PIC, H8 等のご紹介
おつまみ	毒のあるつまみのようです
たつきちのご紹介	駐車場はございませんので散歩がてらご来店下さい
ご予約・お問い合わせは　info3@tatsukichi.gr.jp　まで（このメールアドレスへの特定電子メールの送信を拒否します）

たつきち小路でひとときのお安らぎを

はむすたあのあにさん	たつきちのおっしょさんですひさしぶりに元気なおっしょさんに出会えました ^^;
浅草散歩	たつきち小路から近くて遠い浅草の町
呑み喰い処	たつきちが好きならこの店も好き？
本屋	様々な本のご紹介
ぽっぽっぽ〜	とらすで〜すみぃで〜すふたりあわせてとらすとみぃどぇ〜す

大通りのお店

YAHOO! JAPAN
google 検索	全体から日本語のみ

たつきちからのお知らせ

［インシデント・レスポンスについて］
　弱小なたつきちネットワークでも最近多くのインシデントがありますので「たつきちネットワークにおけるインシデントの扱いについて」を作成しました。
［ウィルスからの攻撃について］
　ウィルスに感染したマイクロソフト・ウィンドウズからの攻撃は目に余るものがあります。ブラスターワームが猛威を振るった 2003 年 12 月には一日あたり約 18,251 回， 2004 年 7 月でも一日あたり約 4,229 回の攻撃があり，そのほとんどがウィルス感染したウィンドウズからと思われます。
　2005 年 8 月の ZOTOB/IRCBot ワームでも１日あたり 5,000 回程度の攻撃を受けています。
　エンドユーザやサーバ管理者の方は手を抜かず，周りに迷惑をかけない運用管理を徹底していただきたいものです（この部分はウィンドウズには限りませんが）。

SORBS users who identify recklessly the dynamically assigned IP addresses as spammers, we treat your network as criminals' heaven, nothing more, nothing less. Because we can't inform you about the criminals' behaviour in your network, and you can't stop your network to bother the Internet.

/ 2012.03 / 2012.02 / 2012.01 / 2011.12 / 2011.11 / 2011.10 / 2011.9 / 2011.8 / 2011.7 / 2011.6 / 2011.5 / 2011.4 / 2011.3 / 2011.2 / 2011.1 / 2010.12 / 2010.11 / 2010.10 / 2010.9 / 2010.8 / 2010.7 / 2010.6 / 2010.5 / 2010.4 / 2010.3 / 2010.2 / 2010.1 / 2009.12 / 2009.11 / 2009.10 / 2009.9 / 2009.8 / 2009.7 / 2009.6 / 2009.5 / 2009.4 / 2009.3 / 2009.2 / 2009.1 / 2008.12 / 2008.11 / 2008.10 / 2008.9 / 2008.8 / 2008.7 / 2008.6 / 2008.5 / 2008.4 / 2008.3 / 2008.2 / 2008.1

ip address	reason
CRACKERS' HEAVEN HOST/NETWORK - rejected networks (listed last 3 months)
109.169.70.113/19	109.169.70.113 in Thrust::VPS in Iomart Hosting Ltd (CN) (2012.5.20) Malicious and huge smtp auth attempts (2,250 login attempts).
218.108.85.243/15+	The criminal 218.108.85.243 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.5.19) Malicious and huge ssh brute force attack (15 login attempts) focusinfgon the root password. This is the 5th attack by the criminal 218.108.85.243 since May 16 2012, May 3 2012, Feb 21 2012 and Jan 12 2012. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 58.100.230.11 (Feb 4 2012), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.189.8 (Apr 20 2012), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Apr 17 2012, Feb 21 2012, Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.243 (May 19 2012, May 16 2012, May 3 2012, Feb 21 2012 and Jan 12 2012), 218.108.85.244 (May 23 2010), 218.108.85.250 (Mar 18 2012), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Feb 1 2012, Jan 12 2012, Jan 8 2012 (twice), Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.236.125 (Jan 29 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), and more and more criminals (before 2010) Add 58.99.128.0/17, 58.100.0.0/15, 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
111.67.210.19/20+	The criminal 111.67.210.19 in the criminal KDISK (케이디스크) in the criminal wizsolution co.,Ltd (클루넷) (KR) (2012.5.19) Malicious and huge ssh brute force attack (55 login attempts) focusing on the root password. This is the 4th attack by the criminal 111.67.210.19 since May 15 2012, Apr 15 2012 and Feb 21 2012. Add 111.67.208.0/20 and 111.67.224.0/19 to the permanent block list.
213.0.180.23/16	213.0.180.23 in Telefonica de Espana SAU (ES) (2012.5.19) Malicious and huge ssh brute force attack (82 login attempts) focusing on the root password.
113.53.233.228/19	113.53.233.228 in Bangkla-Hospital (Chachoengsao province) in TOT Public Company Limited (TH) (2012.5.12-19) Malicious and huge ssh brute force attack (444 login attempts) focusing on the root password.
41.128.168.40/16	41.128.168.40 in Link Egypt (EG) (2012.5.18) Malicious and huge http vulnerability probes (78 probes).
190.196.161.110/8+	190.196.161.110 in Gtd Internet S.A. (CL) (2012.5.18) Malicious and huge ssh brute force attack (79 and more login attempts). Add 189.0.0.0/8 and 190.0.0.0/8 to the permanent block list.
220.85.73.53/11	220.85.73.53 (kt.woobo.net) (TV jockey) in Yoo GwangGeun in Korea Telecom (KR) (2012.5.18) Malicious and huge ssh brute force attack (2,837 login attempts). Add 220.64.0.0/11 to the permanent block list.
123.212.42.21/14	123.212.42.21 in the criminals' heaven network NATE (네이트) (NATE = Hanaro Telecom Inc.) in the criminals' heaven network SK Broadband Co Ltd (SK브로드밴드) (KR) (2012.5.18) Malicious and huge ssh brute force attack (4,036 and more login attempts). Add 123.212.0.0/14 to the permanent block list.
190.210.142.75/8	The criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in the criminal NSS S.A. in the criminal IPLAN in República Argentina. (AR) (2012.5.17) Malicious and huge ssh brute force attack (10 login attempts). This is the 13th attack by the criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) since Apr 19 2012, Apr 6 2012, Mar 27 2012, Mar 17 2012, Mar 16 2012, Mar 15 2011, Mar 12 2012, Mar 7 2012, Mar 5 2012, Mar 2 2012 (twice) and Feb 16 - Mar 1 2012. Add 190.0.0.0/8 to the permanent block list.
218.61.34.140/11+	218.61.34.140 in China Unicom Liaoning province network (中国联合网络通信有限公司辽宁省分公司) in China Unicom (中国联通) (CN) (2012.5.17) Malicious and huge ssh brute force attack (1,195 login attempts)d. Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
209.190.36.66/17	209.190.36.66 (42.24.be.static.xlhost.com) in XLHost.com in eNET Inc. (US) (2012.5.17) Malicious and huge ssh brute force attack (94 login attempts)d.
221.7.11.112/12	221.7.11.112 in BaoShanQiP in CNC Group CHINA169 Xinjiang Province Network in China Unicom (中国联通) (CN) (2012.5,11, mail error 2012.5.17) Malicious and huge ssh brute force attack (454 login attempts) focusing on the root password. The contact e-mail address apnic@xjcnc.net does not work because of '<apnic@xjcnc.net>: connect to pop3.xj169.com[221.7.12.125]: Connection timed out' (2012.5.17) Add 221.0.0.0/12 to the permanent block list.
202.10.83.83/20	202.10.83.83 in AINS Telecommunications (AU) (2012.5.17) Malicious and huge ssh brute force attack (476 and more login attempts). We received an automatic receipt from AINS Telecommunications. (2012.5.17). Add 202.10.80.0/20 to the permanent block list.
211.147.3.19/12+	The criminals' host 211.147.3.19 in the criminals' heaven network Beijing Sanxin Shidai Co. Ltd in the criminals' heaven network CSTNET (中国科技网网络中心) in the criminals' heaven network BEIJING TELETRON DATA CENTER (北京电信通电信工程有限公司) (CN) (2012.5.17) Malicious and huge ssh brute force attack (9 login attempts) focusing on the root password. This the the 2nd attack by the criminals' host 211.147.3.19 since Feb 23 2012. Add 211.136.0.0/13, 211.144.0.0/12 and 211.160.0.0/13 to the permanent block list.
118.217.12.34/13	The criminal 118.217.12.34 in the criminals' heaven network NATE (네이트) (NATE = Hanaro Telecom Inc.) in the criminals' heaven network SK Broadband Co Ltd (SK브로드밴드) (KR) (2012.5.16) Malicious and huge ssh brute force attack (490 login attempts) focusing on the root password. This is the 3rd attack by the criminal 118.217.12.34 since Nov 29 2011 and Aug 28 2011. Add 118.216.0.0/13 to the permanent block list.
218.108.85.243/15+	The criminal 218.108.85.243 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.5.16) Malicious and huge ssh brute force attack (43 login attempts) focusinfgon the root password only. This is the 4th attack by the criminal 218.108.85.243 since May 3 2012, Feb 21 2012 and Jan 12 2012. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 58.100.230.11 (Feb 4 2012), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.189.8 (Apr 20 2012), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Apr 17 2012, Feb 21 2012, Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.243 (May 15 2012, May 3 2012, Feb 21 2012 and Jan 12 2012), 218.108.85.244 (May 23 2010), 218.108.85.250 (Mar 18 2012), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Feb 1 2012, Jan 12 2012, Jan 8 2012 (twice), Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.236.125 (Jan 29 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), and more and more criminals (before 2010) Add 58.99.128.0/17, 58.100.0.0/15, 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
124.127.242.11/15+	The cirminals' host 124.127.242.11 (11.242.127.124.broad.bj.bj.static.163data.com.cn) in the crimianls' heaven netowrk Research Institution of Telecom (No.1 Gaojiayuan,Xicheng District,Beijing,China) in CHINA TELECOM (中国电信集团公司) (CN) (2012.5.15) Malicious and huge ssh brute force attack (54 and more login attempts) focusing on the root passowrd. This is the 2nd attack by the cirminals' host 124.127.242.11 (11.242.127.124.broad.bj.bj.static.163data.com.cn) since May 6 2012. Add 124.126.0.0/15 and 124.128.0.0/13 to the permanent block list.
111.67.210.19/20+	The criminal 111.67.210.19 in the criminals' network KDISK (케이디스크) in the criminals' network wizsolution co.,Ltd (클루넷) (KR) (2012.5.15) Malicious and huge ssh brute force attack (14 login attempts) focusing on the root password. This is the 3rd attack by the criminal 111.67.210.19 since Apr 15 2012 and Feb 21 2012. Add 111.67.208.0/20 and 111.67.224.0/19 to the permanent block list.
94.126.18.151/21	94.126.18.151 (bildungsgruppe.sui-inter.net) in METANET AG, Switzerland (Hardstrasse 235, CH-8005 Zuerich) (CH) (2012.5.15) Malicious and huge ssh brute force attack (164 login attempts) focusing on the root password. No contact email address. Add 94.126.16.0/21 to the permanent block list.
86.125.32.52/13	86.125.32.52 (86-125-32-52.static.rdsor.ro) in RCS & RDS S.A. (050557 Bucharest, ROMANIA) (RO) (2012.5.13) Malicious and huge pop brute force attack (1,172 and more login attempts).
211.20.209.200/14	211.20.209.200 (211-20-209-200.HINET-IP.hinet.net) in CHTD, Chunghwa Telecom Co.,Ltd. (TW) (2012.5.13) Malicious and huge pop brute force attack (1,162 login attempts).
91.186.10.4/19	91.186.10.4 (ps5.quaddns.com) in TertiaryDNS in Simply Transit Ltd (GB) (2012.5.13) Malicious and huge ssh brute force attack (55 login attempts) focusing on the root password.
202.102.251.145/12+	202.102.251.145 in zhengzhou telecommunication bureau (zhengzhou city, Henan Provice, 450052) in the criminals' heaven network CNC Group CHINA169 Henan Province Network in China Unicom Henan province network (中国联通河南省分公司) in CHINA UNICOM (中国联通) (CN) (2012.5.13) Malicious and huge ssh brute force attack (304 login attempts) focusing on the root password. The contact e-mail address abuse@public.zz.ha.cn does not work because of '<abuse@public.zz.ha.cn>: host gw.371.net[222.141.219.243] said: 550 #2175041 unavailable mail user (in reply to RCPT TO command)' (2012.5.13) Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
221.5.51.243/12	221.5.51.243 in CNC Group CHINA169 Guangdong Province Network in China Unicom Guangdong province network (中国联通广东分公司) in China Unicom (中国联通) (CN) (2012.5.12) Malicious and huge ssh brute force attack (1,182 login attempts). Add 221.0.0.0/12 to the permanent block list.
116.124.171.31/13	116.124.171.31 in NATE (네이트) (NATE = Hanaro Telecom Inc.) in SK Broadband Co Ltd (SK브로드밴드) (KR) (2012.5.12) Malicious and huge pop brute force attack (2,769 login attempts). Add 116.120.0.0/13 to the permanent block list.
216.158.241.163/20	216.158.241.163 (163.216-158-241-unused.kitcarson.net) (!!! CAUTION!!! PHISHING SITE ALERT POPUPS !!!) in Kit Carson Electric Cooperative, Inc (US) (2012.5.11) Malicious and huge http vulnerability probes (83 probes).
203.212.223.114/18	203.212.223.114 (webmail.taurusmutualfund.com) in Taurus Mutual Fund in Hathway IP over Cable Internet Access (IN) (2012.5.11) Malicious and huge ssh brute force attack (234 and more login attempts) focusing on the root password.
203.171.30.237/20	203.171.30.237 in the criminals' heaven network New Generations Telecommunication Corporation (VN) (2012.5.11) Malicious and huge ssh brute force attack (288 login attempts) focusing on the root password. The contact e-mail address hoathai@vngt.vn does not work because of '<hoathai@vngt.vn>: Name service error for vngt.vn: Host found but no data record of requested type' (2012.5.11) Add 203.171.16.0/20 to the permanent block list.
64.239.36.40/17	64.239.36.40 in Peer 1 Dedicated Hosting (US) (2012.5.10) Malicious and huge ssh brute force attack (396 login attempts) focusing on the root password.
114.57.56.95/15	114.57.56.95 in PT. INDOSAT MEGA MEDIA (ID) (2012.5.9) Malicious and huge ssh brute force attack (14 login attempts) focusing on the root password. This is the 2nd attack by since May 9 2012 (today).
14.222.49.42/12	14.222.49.42 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.5.9) Malicious and huge smtp auth attempts (50 login attempts). Add 14.208.0.0/12 to the permanent block list.
211.162.76.141/13+	211.162.76.141 in GREAT WALL BROADBAND NETWORK (长城宽带网络服务有限公司) (CN) (2012.5.9) Malicious and huge ssh brute force attack (2,445 login attempts) focusing on the root password. Add 211.136.0.0/13, 211.144.0.0/12 and 211.160.0.0/13 to the permanent block list.
114.57.56.95/15	114.57.56.95 in PT. INDOSAT MEGA MEDIA (ID) (2012.5.9) Malicious and huge ssh brute force attack (148 login attempts) focusing on the root password.
64.27.0.183/24(/19)	64.27.0.183 (tracker.airspan.com) in AirlineReservations.Com in CalPOP - ATMLINK Inc. (US) (2012.5.8) Malicious and huge ssh brute force attack (432 login attempts) focusing on the root password.
222.221.2.210/11+	The criminal 222.221.2.210 in the criminal CHINANET yunnan province network in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2012.5.8) Malicious and huge ssh brute force attack (148 login attempts) focusing on the root password. This is the 21st attack by the criminal 222.221.2.210 since Apr 15 2012, Feb 18 2012, Jan 29 2012, Jan 23 2012, Nov 3 2011, Oct 4 2011, Mar 28 2011, Dec 24 2010, Nov 11 2010, Sep 24 2010, Sep 12 2010, Jun 29 2010, Feb 9 2010, Dec 16 2009, Jun 1 2009, Apr 30 2009, Feb 26 2009 and Nov 22 2008. The contact e-mail address ynipm@126.co does not work because of '<ynipm@126.com>: host 126mx01.mxmail.netease.com[220.181.15.132] said: 550 User not found: ynipm@126.com (in reply to RCPT TO command)' (2012.5.8) Add 222.168.0.0/13, 222.176.0.0/12 and 222.192.0.0/11 to the permanent block list.
221.236.10.76/12+	221.236.10.76 in CHINANET Sichuan province network (中国电信四川有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.5.7) Malicious and huge ssh brute force attack (52 and more login attempts). Add 221.192.0.0/11 and 221.224.0.0/12 to the permanent block list.
113.108.237.70/10+	113.108.237.70 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.5.7) Malicious and huge ssh brute force attack (136 login attempts) focusing on the root password. Add 113.62.0.0/15, 113.64.0.0/10 and 113.128.0.0/15 to the permanent block list.
46.228.204.178/20	The criminals' host 46.228.204.178 (e292.enterprise.fastwebserver.de) in myLoc Colocation in fibre one networks GmbH (DE) (2012.5.6) Malicious and huge pop brute force attack (81 login attempts). This is the 2nd attack by the criminals' host 46.228.204.178 (e292.enterprise.fastwebserver.de) since Apr 2 2012 (thru ssh port). Add 46.228.192.0/20 to the permanent block list.
208.116.53.5/18	208.116.53.5 in Cirtex-Corp in Fortress ITX (US) (2012.5.6) Malicious and huge pop brute force attack (79 login attempts). We received an automatic receipt from FortressITX. (2012.5.6).
124.127.242.11/15+	124.127.242.11 (11.242.127.124.broad.bj.bj.static.163data.com.cn) in Research Institution of Telecom (No.1 Gaojiayuan,Xicheng District,Beijing,China) in CHINA TELECOM (中国电信集团公司) (CN) (2012.5.6) Malicious and huge ssh brute force attack (460 login attempts) focusing on the root passowrd. Add 124.126.0.0/15 and 124.128.0.0/13 to the permanent block list.
124.94.114.245/13	124.94.114.245 in China Unicom Liaoning province network (中国联合网络通信有限公司辽宁省分公司) in China Unicom (中国联通) (CN) (2012.5.5) Malicious and huge smtp auth attempts (30 and more login attempts). Add 124.88.0.0/13 to the permanent block list.
115.165.178.172/21	115.165.178.172 in wizsolution co.,Ltd - clunet (클루넷) (KR) (2012.5.5) Malicious and huge ssh brute force attack (195 login attempts) focusing on the root passowrd. Add 115.165.176.0/21 to the permanent block list.
222.161.137.80/14	222.161.137.80 (80.137.161.222.adsl-pool.jlccptt.net.cn) in China Unicom Jilin province network (吉林联通) in CHINA UNICOM (中国联通) (CN) (2012.5.4) Malicious and huge ssh brute force attack (92 and more login attempts) focusing on the root passowrd. The contact e-mail address jhli_jl@mail.jl.cn does not work because of '<jhli_jl@mail.jl.cn>: host mx.mail.jl.cn[218.27.126.110] said: 550 <jhli_jl:mail> is now disabled with MTA service. (in reply to RCPT TO command)' (2012.5.4) Add 222.160.0.0/14 to the permanent block list.
202.121.166.203/15+	The criminal 202.121.166.203 in the crimianls' network East China University Of Politics And Law (华东政法大学) in CERNet: China Education and Research Network (中国教育和科研计算机网) in People's Republic of China. (CN) (2012.5.3) Malicious and huge ssh brute force attack (192 and more login attempts). This is the 4th attack by the criminal 202.121.166.203 since Apr 18 2012, Nov 30 2011 and Nov 7 2011. Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
218.108.85.243/15+	The criminal 218.108.85.243 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.5.3) Malicious and huge ssh brute force attack (3 login attempts) focusinfgon the root password only. This is the 3rd attack by the criminal 218.108.85.243 since Feb 21 2012 and Jan 12 2012. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 58.100.230.11 (Feb 4 2012), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.189.8 (Apr 20 2012), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Apr 17 2012, Feb 21 2012, Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.243 (May 3 2012, Feb 21 2012 and Jan 12 2012), 218.108.85.244 (May 23 2010), 218.108.85.250 (Mar 18 2012), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Feb 1 2012, Jan 12 2012, Jan 8 2012 (twice), Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.236.125 (Jan 29 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), and more and more criminals (before 2010) Add 58.99.128.0/17, 58.100.0.0/15, 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
91.93.189.4/16	91.93.189.4 (mail.alganyazilim.com.tr) in alganyazilim.com.tr in Global Iletisim Hizmetleri A.S. (Ayazma Dere Cad. Aksit Plaza No:12/1, Fulya, Besiktas, Istanbul, Turkey) (TR) (2012.5.3) Malicious and huge ssh brute force attack (51 login attempts) focusing on the root password. No contact email address. Add 91.93.0.0/16 to the permanent block list.
203.21.74.19/23	203.21.74.19 in PT INDONETWORK MITRA UTAMA. in INDOSAT (ID) (2012.5.2) Malicious and huge ssh brute force attack (87 login attempts) focusing on the root password.
84.51.18.242/18	84.51.18.242 (host-84-51-18-242.teletektelekom.com = ykb.dmpartner.com.tr) in DMC Dogrudan Pazarlama ve Bil.Hiz.A.S. in Global Iletisim Hizmetleri A.S. (Ayazma Dere Cad. Aksit Plaza No:12/1, Fulya, Besiktas, Istanbul, Turkey) (TR) (2012.5.2) Malicious and huge ssh brute force attack (170 login attempts) focusing on the root password. No contact email address. Add 84.51.0.0/18 to the permanent block list.
202.47.80.151/24	202.47.80.151 in Departemen Perindustrian Republik Indonesia (ID) (2012.5.2) Malicious and huge ssh brute force attack (8,303 login attempts).
87.103.113.155/17	87.103.113.155 (155.113.103.87.rev.vodafone.pt) in Vodafone Portugal (PT) (2012.5.2) Malicious and huge ssh brute force attack (436 login attempts).
69.162.82.22/18	69.162.82.22 (22-82-162-69.static.reverse.lstn.net) in Limestone Networks, Inc. (US) (2012.5.1) Malicious and huge pop brute force attack (52 login attempts). The criminals seems to live in 69.162.82.* block. 69.162.82.25 attacked our pop port in Mar 29 2012 and 69.162.82.58 attacked our smtp port (auth) in Mar 2 2012. Add 69.162.64.0/18 to the permanent block list.
4.30.72.146/8	4.30.72.146 in Level 3 Communications, Inc. (US) (2012.5.1) Malicious and huge ssh brute force attack (274 login attempts). We received an automatic receipt from Level 3 Communications. (2012.5.1).
202.169.55.98/24	202.169.55.98 in Qeon Interactive in Biznet Networks (ID) (2012.4.27-28) Malicious and huge pop brute force attack (2,547 login attempts).
218.74.116.104/11+	The criminals' host 218.74.116.104 in the criminals' heaven network CHINANET ZHEJIANG Lishui node network in CHINANET ZHEJIANG (中国电信股份有限公司浙江分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.4.27) Malicious and huge ssh brute force attack (20 login attempts) focusing ont the root password only. This is the 2nd attack by the criminals' host 218.74.116.104 since Apr 17 2012. Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
218.94.149.188/11+	218.94.149.188 in CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.4.27) Malicious and huge ssh brute force attack (240 and more login attempts). Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
122.115.59.131/14	122.115.59.131 in Beijingqishangzaixian Shujutongxinkejiyouxiangongsi (北京企商在线数据通信科技有限公司) (CN) (2012.4.9-27) Malicious and huge ssh brute force attack (95 login attempts) focusing on the root password. Add 122.112.0.0/14 to the permanent block list.
61.244.245.198/16	The criminals' host 61.244.245.198 (061244245198.static.ctinets.com = www.skyview.hk) in the criminals' heaven network Skyview Optical Co. Ltd. in the criminals' heaven network CITY TELECOM (HK) LTD (城市電訊(香港)有限公司) (HK) (2012.4.27) Malicious and huge smtp auth attempts (62 login attempts). This is the 2nd attack by the criminals' host 61.244.245.198 (061244245198.static.ctinets.com = www.skyview.hk) since Apr 10 2012. Add 61.244.0.0/16 to the permanent block list.
63.223.118.136/18(/13)	63.223.118.136 in Sentris Network LLC in Beyond The Network America, Inc. = PCCW Global (US) (2012.4.26) Malicious and huge ssh brute force attack (195 login attempts) focusing on the root password. We received an automatic receipt from Sentris NOC. (2012.4.26).
200.107.9.25/7	200.107.9.25 in CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EP (EC) (2012.4.26) Malicious and huge ssh brute force attack (75 login attempts) focusing on the root password. Add 200.0.0.0/7 to the permanent block list.
218.249.32.163/16+	218.249.32.163 in Beijing Sun Rise Technology CO.LTD (北京日升天信科技有限公司) (CN) (2012.4.26) Malicious and huge ssh brute force attack (358 login attempts) focusing on the root password. Add 218.240.0.0/13 and 218.249.0.0/16 to the permanent block list.
187.51.64.99/7	187.51.64.99 in Telefonica Data S.A. (BR) (2012.4.26) Malicious and huge pop brute force attack (51 login attempts). Add 186.0.0.0/7 to the permanent block list.
91.102.224.55/24	91.102.224.55 in SAT-TRAKT Telecommunications (SAT-TRAKT D.O.O. Backa Topola) (RS) (2012.4.26) Malicious and huge ssh brute force attack (195 login attempts) focusing on the root password.
124.207.3.53/13	124.207.3.53 in the crimianls' heaven network Beijing Sanxin Shidai Co. Ltd (1513 Xinjishu building Beijing link west road, Haidian District, Beijing, PRC) in the crimianls' heaven network BEIJING TELETRON DATA CENTER (北京电信通电信工程有限公司) (Pang Patrick, bill.pang@bj.datadragon.net, Fl./8, South Building, Bridge Mansion, No. 53, phone:+86-10-63181513, fax-no:+86-10-63181597, CN / ShouLan Du, Fl./8, South Building, Bridge Mansion, No. 53, phone:+86-010-83160000, fax-no:+86-010-83155528, e-mail:dsl327@btamail.net.cn) (CN) (2012.4.21, mail error 2012.4.26) Malicious and huge ssh brute force attack (142 login attempts) focusing on the root password. The contact e-mail address bill.pang@bj.datadragon.net does not work because of '<bill.pang@bj.datadragon.net>: connect to bj.datadragon.net[211.147.3.134]: Connection timed out' (2012.4.26) Add 124.200.0.0/13 to the permanent block list.
183.62.225.87/10+	183.62.225.87 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.4.25) Malicious and huge ssh brute force attack (45 login attempts) focusing on the root password. Add 183.0.0.0/10 and 183.64.0.0/13to the permanent block list.
110.45.147.120/16+	110.45.147.120 in LG DACOM KIDC (LG유플러스) (KR) (2012.4.25) Malicious and huge ssh brute force attack (9,014 login attempts). Add 110.44.192.0/18, 110.45.0.0/16 and 110.46.0.0/15 to the permanent block list.
218.201.78.41/12	218.201.78.41 in China Mobile Communications Corporation - chongqing (中国移动通信集团重庆有限公司) in China Mobile Communications Corporation (中国移动通信集团公司) (CN) (2012.4.24) Malicious and huge ssh brute force attack (72 and more login attempts) focusing on the root password. Add218.192.0.0/12 to the permanent block list.
59.92.230.24/13+	59.92.230.24 (static.mangalore.bb.59.92.230.24/24.bsnl.in) in Bharat Sanchar Nigam Limited (IN) (2012.4.24) Malicious and huge ssh brute force attack (10,136 login attempts). Add 59.88.0.0/13 and 59.96.0.0/14 to the permanent block list.
221.226.177.158/12+	221.226.177.158 in CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.4.24) Malicious and huge ssh brute force attack (3,230 login attempts). Add 221.192.0.0/11 and 221.224.0.0/12 to the permanent block list.
219.240.39.206/15	219.240.39.206 in NATE (네이트) (NATE = Hanaro Telecom Inc.) in SK Broadband Co Ltd (SK브로드밴드) (KR) (2012.4.24) Malicious and huge ssh brute force attack (1,439 login attempts) focusing on the root password. The contact e-mail address info@hananet.net does not work because of '<info@hananet.net>: host mx.hanafos.com[117.53.114.19] said: 550 5.1.1 User unknown (in reply to RCPT TO command)' (2012.4.24) Add 219.240.0.0/15 to the permanent block list.
80.216.14.115/15	80.216.14.115 (c80-216-14-115.bredband.comhem.se) in com hem AB (SE) (2012.4.23) Malicious and huge ssh brute force attack (300 login attempts). This is the 3rd attack by 80.216.14.115 (c80-216-14-115.bredband.comhem.se) since Apr 23 2012 (today) and Apr 22 2012. We received a good report from Com Hem AB. (2012.4.24).
80.216.14.115/15	80.216.14.115 (c80-216-14-115.bredband.comhem.se) in com hem AB (SE) (2012.4.23) Malicious and huge ssh brute force attack (306 login attempts). This is the 2nd attack by 80.216.14.115 (c80-216-14-115.bredband.comhem.se) since Apr 22 2012.
218.233.161.177/13	218.233.161.177 in NATE (네이트) (NATE = Hanaro Telecom Inc.) in SK Broadband Co Ltd (SK브로드밴드) (KR) (2012.4.23) Malicious and huge pop brute force attack (106 login attempts). The contact e-mail address info@hananet.net does not work because of '<info@hananet.net>: host mx.hanafos.com[117.53.114.19] said: 550 5.1.1 User unknown (in reply to RCPT TO command)' (2012.4.24) Add 218.232.0.0/13 to the permanent block list.
80.216.14.115/15	80.216.14.115 (c80-216-14-115.bredband.comhem.se) in com hem AB (SE) (2012.4.22) Malicious and huge ssh brute force attack (306 login attempts).
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (ip@pub.sd.cninfo.net, Jinan,Shandong P.R China, phone:+86-531-6666666, fax-no:+86-531-6666666) (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (No.21,Jin-Rong Street, Beijing,100033, P.R.China, phone:+86-10-66259764, fax-no:+86-10-66259764) (中国联通) in People's Republic of China. (CN) (2012.4.22) Malicious and huge ssh brute force attack (25 login attempts). This is the 22nd attack by the criminal 119.188.7.185 since Apr 19 2012, Apr 13 2011, Apr 11 2012, Apr 10 2012, Mar 29 2012, Mar 27 2012, Mar 23 2012, Mar 16 2012, Mar 6 2012, Mar 4 2012, Mar 3 2012, Mar 2 2012, Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.4.22, 2012.4.19, 2012.4.13, 2012.4.11, 2012.4.10, 2012.3.29, 2012.3.27, 2012.3.23, 2012.3.16, 2012.3.6, 2012.3.4, 2012.3.3, 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
218.69.248.24/11+	The criminal 218.69.248.24 in the criminals' heaven network China Unicom Tianjin province network (中国联合通信有限公司天津分公司) in the criminals' heaven network China Unicom (中国联通) (CN) (2012.4.20,mail error 2012.4.21) Malicious and huge ssh brute force attack (182 login attempts) focusing on the root password. This is the 3rd attack by the criminal 218.69.248.24 since Apr 17 2012 and Dec 18 2011. The contact e-mail address ipaddr@ywb.online.tj.cn does not work because of '<ipaddr@ywb.online.tj.cn>: host ywb.online.tj.cn[202.99.64.73] said: 550 <ipaddr`ywb_online_tj_cn> is now disabled with MTA service. (in reply to RCPT TO command)' (2012.4.21) Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
91.74.169.5/19	91.74.169.5 in du \| Emirates Integrated Telecommunications Company (AE) (2012.4.20) Malicious and huge pop brute force attack (571 login attempts). We received an automatic receipt from Network Abuse Response Center. (2012.4.21).
98.100.184.140/14	98.100.184.140 (rrcs-98-100-184-140.central.biz.rr.com) in Road Runner HoldCo LLC (US) (2012.4.11-14, mail error 2012.4.20) Malicious and huge smtp relay attempts (total 132 relay attempts). The relaying attempts continues. The contact e-mail address abuse@rr.com does not work because of '<abuse@rr.com>: connect to hrndva-postmx01.mail.rr.com[71.74.56.227]: Connection timed out' (2012.4.18) Add 98.100.0.0/14 to the permanent block list.
61.157.243.82/10	61.157.243.82 (mail.scitc.com.cn) in Sichuan Information TechnologyCollege (四川信息职业技术学院) in CHINANET Sichuan province network (中国电信四川有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.20) Malicious and huge ssh brute force attack (72 and more login attempts) focusing on the root password. Add 61.128.0.0/10 to the permanent block list.
125.210.189.8/15+	125.210.189.8 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.4.20) Malicious and huge pop brute force attack (53 and more login attempts). And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 58.100.230.11 (Feb 4 2012), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.189.8 (Apr 20 2012), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Apr 17 2012, Feb 21 2012, Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.243 (Feb 21 2012 and Jan 12 2012), 218.108.85.244 (May 23 2010), 218.108.85.250 (Mar 18 2012), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Feb 1 2012, Jan 12 2012, Jan 8 2012 (twice), Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.236.125 (Jan 29 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), and more and more criminals (before 2010) Add 58.99.128.0/17, 58.100.0.0/15, 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.4.19) Malicious and huge ssh brute force attack (25 login attempts). This is the 21th attack by the criminal 119.188.7.185 since Apr 13 2011, Apr 11 2012, Apr 10 2012, Mar 29 2012, Mar 27 2012, Mar 23 2012, Mar 16 2012, Mar 6 2012, Mar 4 2012, Mar 3 2012, Mar 2 2012, Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.4.20, 2012.4.13, 2012.4.11, 2012.4.10, 2012.3.29, 2012.3.27, 2012.3.23, 2012.3.16, 2012.3.6, 2012.3.4, 2012.3.3, 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
190.210.142.75/8	The criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in the criminal NSS S.A. in the criminal IPLAN in República Argentina. (AR) (2012.4.19) Malicious and huge ssh brute force attack (10 login attempts). This is the 12th attack by the criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) since Apr 6 2012, Mar 27 2012, Mar 17 2012, Mar 16 2012, Mar 15 2011, Mar 12 2012, Mar 7 2012, Mar 5 2012, Mar 2 2012 (twice) and Feb 16 - Mar 1 2012. Add 190.0.0.0/8 to the permanent block list.
212.250.167.120/16	212.250.167.120 in Virgin Media Limited (GB) (2012.4.19) Malicious and huge ssh brute force attack (38 and more login attempts) focusing on the root password only.
206.212.242.98/20	206.212.242.98 (seo-host.com) in COLOSTORE-COM (US) (2012.4.19) Malicious and huge http vulnerability probes (85 probes).
114.92.199.12/12+	114.92.199.12 in CHINANET shanghai province network (中国电信上海信息产业(集团)有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.4.19) Malicious and huge smtp auth attempts (50 login attempts). Add 114.80.0.0/12, 114.96.0.0/13 and 114.104.0.0/14 to the permanent block list.
202.121.166.203/15+	The criminal 202.121.166.203 in East China University Of Politics And Law (华东政法大学) in CERNet: China Education and Research Network (中国教育和科研计算机网). (CN) (2012.4.18) Malicious and huge ssh brute force attack (2,113 login attempts). This is the 3rd attack by the criminal 202.121.166.203 since Nov 30 2011 and Nov 7 2011. Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
218.69.248.24/11+	The criminals' host 218.69.248.24 in China Unicom Tianjin province network (中国联合通信有限公司天津分公司) in China Unicom (中国联通) (CN) (2012.4.17,mail error 2012.4.18) Malicious and huge ssh brute force attack (59 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 218.69.248.24 since Dec 18 2011. The contact e-mail address ipaddr@ywb.online.tj.cn does not work because of '<ipaddr@ywb.online.tj.cn>: host ywb.online.tj.cn[202.99.64.73] said: 550 <ipaddr`ywb_online_tj_cn> is now disabled with MTA service. (in reply to RCPT TO command)' (2012.4.18) Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
98.100.184.140/14	98.100.184.140 (rrcs-98-100-184-140.central.biz.rr.com) in the criminals' heaven network Road Runner HoldCo LLC (US) (2012.4.11-13，mail error 2012.4.18) Malicious and huge smtp relay attempts (62 relay attempts). The contact e-mail address abuse@rr.com does not work because of '<abuse@rr.com>: connect to hrndva-postmx01.mail.rr.com[71.74.56.227]: Connection timed out' (2012.4.18) Add 98.100.0.0/14 to the permanent block list.
74.63.237.157/18	74.63.237.157 (157-237-63-74.static.reverse.lstn.net) in Limestone Networks, Inc. (US) (2012.4.17) Malicious and huge pop brute force attack (61 login attempts).
114.143.101.212/16	114.143.101.212 in Tata Teleservices Maharashtra Ltd (IN) (2012.4.17) Malicious and huge ssh brute force attack (38 login attempts) focusing on the root passowrd only. This is the 2nd attack by 114.143.101.212 since Apr 17 2012 (today).
218.74.116.104/11+	218.74.116.104 in CHINANET ZHEJIANG Lishui node network in CHINANET ZHEJIANG (中国电信股份有限公司浙江分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.4.17) Malicious and huge ssh brute force attack (44 login attempts) focusing ont the root password. Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
190.85.39.134/8+	190.85.39.134 in Telmex Colombia S.A. (CO) (2012.4.17) Malicious and huge ssh brute force attack (1,453 login attempts) focusing on the root password. Add 189.0.0.0/8 and 190.0.0.0/8 to the permanent block list.
124.31.206.61/16	124.31.206.61 in CHINANET Xizang(Tibet) province network (中国电信集团西藏分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.4.17) Malicious and huge ssh brute force attack (238 login attempts). Add 124.31.0.0/16 to the permanent block list.
114.143.101.212/16	114.143.101.212 in Tata Teleservices Maharashtra Ltd (IN) (2012.4.17) Malicious and huge ssh brute force attack (213 login attempts) focusing on the root passowrd.
218.108.85.240/15+	The criminal 218.108.85.240 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.4.17) Malicious and huge ssh brute force attack (725 login attempts) focusing on the root password. This is the 10th attack by the criminal 218.108.85.240 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China. since Feb 21 2012, Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 58.100.230.11 (Feb 4 2012), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Apr 17 2012, Feb 21 2012, Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.243 (Feb 21 2012 and Jan 12 2012), 218.108.85.244 (May 23 2010), 218.108.85.250 (Mar 18 2012), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Feb 1 2012, Jan 12 2012, Jan 8 2012 (twice), Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.236.125 (Jan 29 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), and more and more criminals (before 2010) Add 58.99.128.0/17, 58.100.0.0/15, 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
111.74.81.189/13	111.74.81.189 in CHINANET jiangxi province network (江西电信) in CHINA TELECOM (中国电信集团公司) (CN) (2012.4.7-11, mail error 2012.4.16) Malicious and huge ssh brute force attack (31 login attempts) focusing on the root password. The contact e-mail address hostmaster@public1.nc.jx.cn does not work because of '<hostmaster@public1.nc.jx.cn>: connect to public1.nc.jx.cn[202.109.128.68]: Connection timed out' (2012.4.16) Add 111.72.0.0/13 to the permanent block list.
121.30.228.243/12+	121.30.228.243 in CNC Group CHINA169 Shan1xi Province Network in China Unicom Shan1xi province network (中国联合网络通信有限公司山西省分公司) in CHINA UNICOM (中国联通). (CN) (2012.4.15) Malicious and huge ssh brute force attack (51 login attempts) focusing on the root password. Add 121.8.0.0/13, 121.16.0.0/12, 121.32.0.0/13 and 121.40.0.0/14 to the permanent block list.
210.245.80.44/17	210.245.80.44 in FPT Telecom Company (VN) (2012.4.15) Malicious and huge ssh brute force attack (59 and more login attempts) focusing on the root passowrd. Add 1210.245.0.0/17 to the permanent block list.
75.150.102.213/18	75.150.102.213 in Comcast Business Communications, LLC (US) (2012.4.15) Malicious and huge pop brute force attack (53 login attempts).
111.67.210.19/20+	The criminals' host 111.67.210.19 in the criminals' heaven network KDISK (케이디스크) in the criminals' heaven network wizsolution co.,Ltd (클루넷) (KR) (2012.4.15) Malicious and huge ssh brute force attack (1,415 and more login attempts). This is the 2nd attack by the criminals' host 111.67.210.19 since Feb 21 2012. Add 111.67.208.0/20 and 111.67.224.0/19 to the permanent block list.
222.221.2.210/11+	The criminal 222.221.2.210 in the criminal CHINANET yunnan province network in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2012.4.15) Malicious and huge ssh brute force attack (43 login attempts). This is the 20th attack by the criminal 222.221.2.210 since Feb 18 2012, Jan 29 2012, Jan 23 2012, Nov 3 2011, Oct 4 2011, Mar 28 2011, Dec 24 2010, Nov 11 2010, Sep 24 2010, Sep 12 2010, Jun 29 2010, Feb 9 2010, Dec 16 2009, Jun 1 2009, Apr 30 2009, Feb 26 2009 and Nov 22 2008. Add 222.168.0.0/13, 222.176.0.0/12 and 222.192.0.0/11 to the permanent block list.
151.100.31.107/16	151.100.31.107 (orange.bce.uniroma1.it) in Universita' degli Studi di Roma La Sapienza (IT) (2012.4.14) Malicious and huge ssh brute force attack (209 and more login attempts).
59.60.7.111/11+	The criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.4.14) Malicious and huge ssh brute force attack (8 login attempts) focusing on the root password only. This is the 14th attack by the criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China since Apr 13, Apr 4 2012, Apr 2 2012, Apr 1 2012 (twice), Mar 31 2012 (twice), Mar 29 2012, Mar 28 2012, Mar 27 2012, Mar 24 2012, Mar 18 2012 and Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
203.86.239.106/21	203.86.239.106 (106.239.86.203.static.pacdns.com) in Pacificnet Hosting Ltd (HK) (2012.4.12-14) Malicious and huge smtp relay attempts (total 130 relay attempts). The relaying attempts continues and continues.
74.7.153.3/16	74.7.153.3 (remote.hwhomes.com) in Hawkins-Welwood Homes in CBEYOND COMMUNICATIONS, LLC (US) (2012.4.11-14) Malicious and huge smtp relay attempts (total 90 relay attempts). The relaying attempts continues and continues
210.66.243.79/16	The criminals' host 210.66.243.79 (h79-210-66-243.seed.net.tw) in New Century InfoComm Tech. Co., Ltd. (新世紀資通股份有限公司) (TW) (2012.4.10-14) Malicious and huge smtp relay attempts (total 101 relay attempts). The relaying attempts continues and continues.
96.55.7.106/13	96.55.7.106 (S0106000fcbfe4230.vs.shawcable.net) in Shaw Communications Inc. (CA) (2012.4.12-14) Malicious and huge smtp relay attempts (100 relay attempts).
119.226.135.75/24	119.226.135.75 (segment-119-226.sify.net) in Sify Limited (IN) (2012.4.13-14) Malicious and huge smtp relay attempts (95 relay attempts).
124.207.34.134/13	124.207.34.134 in Beijing Sanxin Shidai Co. Ltd in BEIJING TELETRON DATA CENTER (北京电信通电信工程有限公司) (CN) (2012.4.8, mail error 2012.4.13) Malicious and huge ssh brute force attack (355 and more login attempts) focusing on the root password. The contact e-mail address bill.pang@bj.datadragon.net does not work because of '<bill.pang@bj.datadragon.net>: connect to bj.datadragon.net[211.147.3.134]: Connection timed out' (2012.4.13) Add 124.200.0.0/13 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.4.13) Malicious and huge ssh brute force attack (25 login attempts). This is the 20th attack by the criminal 119.188.7.185 since Apr 11 2012, Apr 10 2012, Mar 29 2012, Mar 27 2012, Mar 23 2012, Mar 16 2012, Mar 6 2012, Mar 4 2012, Mar 3 2012, Mar 2 2012, Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.4.13, 2012.4.11, 2012.4.10, 2012.3.29, 2012.3.27, 2012.3.23, 2012.3.16, 2012.3.6, 2012.3.4, 2012.3.3, 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
59.60.7.111/11+	The criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.4.13) Malicious and huge ssh brute force attack (2 login attempts) focusing on the root password onlys. This is the 12th attack by the criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China since Apr 4 2012, Apr 2 2012, Apr 1 2012 (twice), Mar 31 2012 (twice), Mar 29 2012, Mar 28 2012, Mar 27 2012, Mar 24 2012, Mar 18 2012 and Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
203.86.239.106/21	203.86.239.106 (106.239.86.203.static.pacdns.com) in Pacificnet Hosting Ltd (HK) (2012.4.12-13) Malicious and huge smtp relay attempts (80 relay attempts).
74.7.153.3/16	74.7.153.3 (remote.hwhomes.com) in Hawkins-Welwood Homes in CBEYOND COMMUNICATIONS, LLC (US) (2012.4.11-13) Malicious and huge smtp relay attempts (60 relay attempts).
12.145.144.107/29(/8)	12.145.144.107 in HEADWEST INC in AT&T Services, Inc. (US) (2012.4.13) This is the 2nd attack by sunce Apr 11-12 2011. Malicious and huge pop brute force attack (123 and more login attempts).
111.92.237.215/20	111.92.237.215 (server111092237215.i-services.com.hk) in the criminals' heaven network I-SERVICES NETWORK SOLUTION LTD (HK) (2012.4.7, mail error 2012.4.13) Malicious and huge ssh brute force attack (162 login attempts). The contact e-mail address archy@i-services.com.hk does not work because of '<archy@i-services.com.hk>: host mail.i-services.com.hk[111.92.228.8] said: 450 4.7.1 Service unavailable; client [w.x.y.z] blocked using ddnsbl.internetdefensesystems.com (in reply to RCPT TO command)' (2012.4.13) Add 111.92.224.0/20 to the permanent block list.
203.90.136.77/18+	203.90.136.77 in the criminals' heaven network Daqing Zhongji Petroleum Communication Construction Co.,Ltd. - DQTNET (大庆油田信息港) (CN) (2012.4.8, mail error 2012.4.13) Malicious and huge ssh brute force attack (930 login attempts) focsuing on the root password. The contact e-mail address hyx@mail.dqt.com.cn does not work because of '<hyx@mail.dqt.com.cn>: connect to mail.dqt.com.cn[218.97.192.6]: Connection refused' (2012.4.13) Add 203.90.128.0/18 and 203.90.192.0/19 to the permanent block list.
58.250.107.249/12	58.250.107.249 in the criminals' network China Unicom Guangdong province network (中国联通广东分公司) in China Unicom (中国联通) (CN) (2012.4.12) Malicious and huge smtp auth attempts (81 login attempts). Add 58.240.0.0/12 to the permanent block list.
202.153.191.166/19+	202.153.191.166 (202-153-191-166-static.unigate.net.tw) in UNI-GATE TELECOM (領航電信) (TW) (2012.4.12) Malicious and huge ssh brute force attack (302 login attempts).
210.66.243.79/16	210.66.243.79 (h79-210-66-243.seed.net.tw) in New Century InfoComm Tech. Co., Ltd. (新世紀資通股份有限公司) (TW) (2012.4.11-12) Malicious and huge smtp relay attempts (60 relay attempts).
206.222.58.248/19	206.222.58.248 (dialup-206.222.58.248.omnilec.com) in OmniLEC in NTT America, Inc. (US) (2012.4.11-12) Malicious and huge smtp relay attempts (85 relay attempts). We received an automatic receipt from NTT Communications Abuse Team. (2012.4.12).
176.223.67.7/24	176.223.67.7 in SC ENERGY SWING SRL (BALOTA IONUT-VASILE, SC ENERGY SWING SRL, Campului, Nr 14A, Tuzla Constanta) (RO) (2012.4.12) Malicious and huge ssh brute force attack (51 and more login attempts).
12.145.144.107/8	12.145.144.107 in HEADWEST INC in AT&T Services, Inc. (US) (2012.4.11-12) Malicious and huge pop brute force attack (571 login attempts).
203.45.2.68/13+	203.45.2.68 (beechw.lnk.telstra.net) in Telstra Internet (AU) (2012.4.10-12) Malicious and huge smtp relay attempts (80 relay attempts). Add 203.34.252.0/22, 203.35.0.0/16, 203.36.0.0/14, 203.40.0.0/13, 203.48.0.0/14, 203.52.0.0/15, 203.54.0.0/16 and 203.55.0.0/23 to the permanent block list.
98.191.106.19/11	98.191.106.19 (wsip-98-191-106-19.ph.ph.cox.net = www.levredgetech.com) in levrEdge Technologies in Cox Communications Inc (US) (2012.4.10-11) Malicious and huge smtp relay attempts (70 relay attempts). We received an automatic receipt from Cox Communications Inc. (2012.4.12).
59.60.9.2/11+	59.60.9.2 in CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.4.11) Malicious and huge ssh brute force attack (1,516 and more login attempts) focusing on the root password. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.4.11) Malicious and huge ssh brute force attack (10 login attempts). This is the 19th attack by the criminal 119.188.7.185 since Apr 10 2012, Mar 29 2012, Mar 27 2012, Mar 23 2012, Mar 16 2012, Mar 6 2012, Mar 4 2012, Mar 3 2012, Mar 2 2012, Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.4.11, 2012.4.10, 2012.3.29, 2012.3.27, 2012.3.23, 2012.3.16, 2012.3.6, 2012.3.4, 2012.3.3, 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
189.26.236.88/8+	189.26.236.88 (189.26.236.88.static.gvt.net.br) in Global Village Telecom (BR) (2012.4.10) Malicious and huge ssh brute force attack (65 login attempts) focusing on the root password. Add 189.0.0.0/8 and 190.0.0.0/8 to the permanent block list.
61.244.245.198/16	61.244.245.198 (061244245198.static.ctinets.com = www.skyview.hk) in Skyview Optical Co. Ltd. in CITY TELECOM (HK) LTD (城市電訊(香港)有限公司) (HK) (2012.4.10) Malicious and huge smtp auth attempts (54 login attempts).
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.4.10) Malicious and huge ssh brute force attack (10 login attempts). This is the 18th attack by the criminal 119.188.7.185 since Mar 29 2012, Mar 27 2012, Mar 23 2012, Mar 16 2012, Mar 6 2012, Mar 4 2012, Mar 3 2012, Mar 2 2012, Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.4.10, 2012.3.29, 2012.3.27, 2012.3.23, 2012.3.16, 2012.3.6, 2012.3.4, 2012.3.3, 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
106.187.88.241/21(/10)	106.187.88.241 (li408-241.members.linode.com) in Linode, LLC in KDDI CORPORATION (JP) (2012.4.10) Malicious and huge pop brute force attack (54 login attempts).
202.47.160.12/19	202.47.160.12 in the criminals' heaven network HICOM (Fadzly Zainuddin, Selangor, Malaysia) in Puncak Semangat Technology Sdn Bhd (MY) (2012.4.9) Malicious and huge ssh brute force attack (1,255 and more login attempts). The contact e-mail address fadzly@plexus.net does not work because of '<fadzly@plexus.net>: Host or domain name not found. Name service error for name=antivirus.plexus.net type=A: Host not found' (2012.4.9) Add 202.47.160.0/19 to the permanent block list.
107.0.71.68/14+	107.0.71.68 (107-0-71-68-ip-static.hfc.comcastbusiness.net) in Comcast Cable Communications, Inc. (US) (2012.4.8) Malicious and huge ssh brute force attack (357 login attempts).
164.177.157.69/19	164.177.157.69 (164-177-157-69.static.cloud-ips.co.uk) in UK Rackspace.com (GB) (2012.4.7) Malicious and huge ssh brute force attack (158 login attempts). We received an automatic receipt from Rackspace AUP Department. (2012.4.7).
114.34.32.237/12	114.34.32.237 (114-34-32-237.HINET-IP.hinet.net) in CHTD, Chunghwa Telecom Co.,Ltd. (TW) (2012.4.6) Malicious and huge http vulnerability probes (50 probes). The contact e-mail address z121338@gsn.gov.tw expanded from gotmail@ms1.gsn.gov.tw expanded from network-adm@hinet.net does not work because of 'mail.local: /var/mail/z/z121338: Disc quota exceeded 554 z121338@gsn.gov.tw... Service unavailable' (2012.4.6) We received an automatic receipt from HiNet Security Operation Center. (2012.4.6).
190.210.142.75/8	The criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in the criminal NSS S.A. in the criminal IPLAN in República Argentina. (AR) (2012.4.6) Malicious and huge ssh brute force attack (10 login attempts). This is the 11th attack by the criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) since Mar 27 2012, Mar 17 2012, Mar 16 2012, Mar 15 2011, Mar 12 2012, Mar 7 2012, Mar 5 2012, Mar 2 2012 (twice) and Feb 16 - Mar 1 2012. Add 190.0.0.0/8 to the permanent block list.
82.91.22.118/16	82.91.22.118 (host118-22-static.91-82-b.business.telecomitalia.it) in Telecom Italia S.p.A. (IT) (2012.4.5) Malicious and huge pop brute force attack (63 login attempts).
211.224.108.50/10+	211.224.108.50 (www.epivalley.com) in (ju)epibaelri in Korea Telecom (KR) (2012.4.5) Malicious and huge ssh brute force attack (151 login attempts) focusing on the root password. Add 211.168.0.0/13, 211.176.0.0/12 and 211.192.0.0/10 to the permanent block list.
200.42.220.228/7	200.42.220.228 (BondingZM228.tricom.net) in TRICOM (DO) (2012.4.4) Malicious and huge pop brute force attack (65 login attempts). Add 200.0.0.0/7 to the permanent block list.
59.60.7.111/11+	The criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.4.4) Malicious and huge ssh brute force attack (10 login attempts) focusing on the root password. This is the 12th attack by the criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China since Apr 2 2012, Apr 1 2012 (twice), Mar 31 2012 (twice), Mar 29 2012, Mar 28 2012, Mar 27 2012, Mar 24 2012, Mar 18 2012 and Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
203.109.101.118/18	203.109.101.118 (118-101-109-203.static.youbroadband.in) in YOU Broadband & Cable India Ltd. in YOU Telecom India Pvt Ltd (IN) (2012.4.4) Malicious and huge ssh brute force attack (454 login attempts) focusing on the root password.
58.251.51.9/12	58.251.51.9 (reverse.gdsz.cncnet.net) in China-ComService in CNC Group CHINA169 Guangdong Province Network in China Unicom Guangdong province network (中国联通广东分公司) in China Unicom (中国联通) (CN) (2012.4.3) Malicious and huge ssh brute force attack (2,160 login attempts). Add 58.240.0.0/12 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.3.29，mail error 2012.4.3) Malicious and huge ssh brute force attack (35 login attempts). This is the 17th attack by the criminal 119.188.7.185 since Mar 27 2012, Mar 23 2012, Mar 16 2012, Mar 6 2012, Mar 4 2012, Mar 3 2012, Mar 2 2012, Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. The contact e-mail address abuse@cnc-noc.net does not work because of '<abuse@cnc-noc.net>: connect to mx.cnc-noc.net[202.108.67.232]: server refused mail service' (2012.4.3) Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.3.29, 2012.3.27, 2012.3.23, 2012.3.16, 2012.3.6, 2012.3.4, 2012.3.3, 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
173.212.243.122/18	173.212.243.122 (server.lordhost.org) in LORDhost.org in Network Operations Center Inc. (US) (PO Box 591, Scranton, PA, 18501-0591, US) (2012.4.2) Malicious and huge pop brute force attack (123 and more login attempts). We received a receipt from BurstNET Technologies, Inc. (2012.4.2). We received a good report from BurstNET Technologies, Inc. (2012.4.3).
46.228.204.178/20	46.228.204.178 (e292.enterprise.fastwebserver.de) in myLoc Colocation in fibre one networks GmbH (DE) (2012.4.2) Malicious and huge ssh brute force attack (64 login attempts) focusing on the root password.
59.60.7.111/11+	The criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.4.2) Malicious and huge ssh brute force attack (5 login attempts) focusing on the root password. This is the 11th attack by the criminal 59.60.7.111 since Apr 1 2012 (twice), Mar 31 2012 (twice), Mar 29 2012, Mar 28 2012, Mar 27 2012, Mar 24 2012, Mar 18 2012 and Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
59.60.7.111/11+	The criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.4.1) Malicious and huge ssh brute force attack (5 login attempts) focusing on the root password. This is the 10th attack by the criminal 59.60.7.111 since Apr 1 2012 (today), Mar 31 2012 (twice), Mar 29 2012, Mar 28 2012, Mar 27 2012, Mar 24 2012, Mar 18 2012 and Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
64.20.40.58/19	64.20.40.58 (server.centorian.com) in Centorian.com in Interserver, Inc (US) (2012.4.1) Malicious and huge ssh brute force attack (2,160 login attempts) focusing on the root password.
59.60.7.111/11+	The criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.4.1) Malicious and huge ssh brute force attack (6 login attempts) focusing on the root password. This is the 9th attack by the criminal 59.60.7.111 since Mar 31 2012 (twice), Mar 29 2012, Mar 28 2012, Mar 27 2012, Mar 24 2012, Mar 18 2012 and Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
207.223.117.235/20	207.223.117.235 in TekLinks, Inc. (US) (2012.3.31) Malicious and huge smtp auth attempts (64 login attempts).
59.60.7.111/11+	The criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.3.31) Malicious and huge ssh brute force attack (23 login attempts) focusing on the root password. This is the 8th attack by the criminal 59.60.7.111 since Mar 31 2012 (today), Mar 29 2012, Mar 28 2012, Mar 27 2012, Mar 24 2012, Mar 18 2012 and Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
59.60.7.111/11+	The criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.3.31) Malicious and huge ssh brute force attack (26 login attempts) focusing on the root password. This is the 7th attack by the criminal 59.60.7.111 since Mar 29 2012, Mar 28 2012, Mar 27 2012, Mar 24 2012, Mar 18 2012 and Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
124.167.225.154/13	124.133.48.92 in CNC Group CHINA169 Shan1xi Province Network in China Unicom Shan1xi province network (中国联合网络通信有限公司山西省分公司) in CHINA UNICOM (中国联通). (CN) (2012.3.31) Malicious and huge ssh brute force attack (29 login attempts) focusing on the root password. Add 124.160.0.0/13 to the permanent block list.
190.82.95.22/8+	190.82.95.22 (190-82-95-22.static.tie.cl) in MAESTRANZA ISTRIA in Telefonica Internet (CL) (2012.3.31) Malicious and huge ssh brute force attack (374 login attempts) focusing on the root password. Add 189.0.0.0/8 and 190.0.0.0/8 to the permanent block list.
211.191.168.25/12+	211.191.168.25 in ONSE Telecom (온세텔레콤) (KR) (2012.3.30) Malicious and huge ssh brute force attack (637 login attempts) focusing on the root password. This is the 2nd attack by 211.191.168.25 since Mar 9 2011. Add 211.168.0.0/13, 211.176.0.0/12 and 211.192.0.0/10 to the permanent block list.
201.13.255.119/7	201.13.255.119 (201-13-255-119.dsl.telesp.net.br) in the criminals' heaven network TELEF?NICA BRASIL S.A (BR) (2012.3.25, mail error 2012.3.30) Malicious and huge pop brute force attack (72 login attempts). The contact e-mail address security@telesp.net.br does not work because of '<security@telesp.net.br>: connect to gbrsecurity02.telesp.net.br[200.171.222.87]: Connection timed out' (2012.3.30) Add 200.0.0.0/7 to the permanent block list.
217.41.38.67/12	85.214.100.132 (mail.chapelroad.co.uk) in chapelroad.co.uk in BT OPENWORLD (GB) (2012.3.29) Malicious and huge pop brute force attack (480 login attempts).
24.99.226.13/15	24.99.226.13 (c-24-99-226-13.hsd1.ga.comcast.net = myoffice.icanreach.com) in IcanReach Networksc in Comcast Cable Communications Holdings, Inc (US) (2012.3.29) Malicious and huge pop brute force attack (69 and more login attempts).
210.41.56.6/	210.41.56.6 (mail.scfai.edu.cn) in the criminals' paradise Sichuan Fine Arts Institute (四川美术学院) (CN) (2012.3.29) Malicious and huge ssh brute force attack (113 login attempts) focusing on the root password. The contact e-mail address finearts@public.cta.cq.cn does not work because of '<finearts@public.cta.cq.cn>: host fmail.cta.cq.cn[61.128.128.115] said: 550 <finearts>, No such user. (in reply to RCPT TO command)' (2012.3.28) Add 210.25.0.0/16, 210.26.0.0/15, 210.28.0.0/14 and 210.32.0.0/12 to the permanent block list.
69.162.82.25/18	69.162.82.25 (25-82-162-69.static.reverse.lstn.net) in Limestone Networks, Inc. (US) (2012.3.29) Malicious and huge pop brute force attack (165 login attempts).
66.197.134.117/17	66.197.134.117 (static.dnsarrow.com) in SouthWest Technologies in Network Operations Center Inc. (US) (PO Box 591, Scranton, PA, 18501-0591, US) (2012.3.29) Malicious and huge pop brute force attack (334 login attempts). hostnoc.net also seems be famous for spammer and serving phishing pages. We received a receipt from BurstNET Technologies, Inc. (2012.3.29). We received a good report from BurstNET Technologies, Inc. (2012.3.30).
59.60.7.111/11+	The criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.29) Malicious and huge ssh brute force attack (3 login attempts) focusing on the root password only. This is the 6th attack by the criminal 59.60.7.111 since Mar 28 2012, Mar 27 2012, Mar 24 2012, Mar 18 2012 and Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
203.34.37.62/24	203.34.37.62 in YOKOZUNANET (enkhjargal damdinsuren, ulaanbaatar, mongolia) (MN) (2012.3.28) Malicious and huge ssh brute force attack (507 login attempts) focusing on the root password. The contact e-mail address enkhjargal@newcomsystems.mn does not work because of '<enkhjargal@newcomsystems.mn>: Name service error for newcomsystems.mn: Host not found' (2012.3.28) Add 203.34.37.0/24 to the permanent block list.
59.60.7.111/11+	The criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.28) Malicious and huge ssh brute force attack (1 login attempts) focusing on the root password. This is the 5th attack by the criminal 59.60.7.111 since Mar 27 2012, Mar 24 2012, Mar 18 2012 and Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
217.118.24.95/20	217.118.24.95 (loft2293.serverloft.com) in INTERGENIA in NMC PlusServer AG (DE) (2012.3.28 again) Malicious and huge ssh brute force attack (32 login attempts) focusing on the root password. This is the 3rd attack by 217.118.24.95 (loft2293.serverloft.com) since Mar 28 2012 (today) and Mar 27 2012. We received an automatic receipt from PlusServe Abuse Desk. (2012.3.28).
62.90.226.70/16	62.90.226.70 (62-90-226-70.barak.net.il) in 013 NetVision Ltd (IL) (2012.3.28) Malicious and huge ssh brute force attack (28 login attempts) focusing on the root password.
217.118.24.95/20	217.118.24.95 (loft2293.serverloft.com) in INTERGENIA in NMC PlusServer AG (DE) (2012.3.28) Malicious and huge ssh brute force attack (32 login attempts) focusing on the root password. This is the 2nd attack by 217.118.24.95 (loft2293.serverloft.com) since Mar 27 2012.
62.141.42.216/20	62.141.42.216 (b216.blue.fastwebserver.de) in fast IT Colocation in fibre one networks GmbH (DE) (2012.3.27) Malicious and huge ssh brute force attack (262 login attempts) focusing on the root password.
217.118.24.95/20	217.118.24.95 (loft2293.serverloft.com) in INTERGENIA in NMC PlusServer AG (DE) (2012.3.27) Malicious and huge ssh brute force attack (32 login attempts) focusing on the root password.
222.87.204.14/11+	The criminals' host 222.87.204.14 in CHINANET Guizhou province network (中国电信股份有限公司贵州分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.27) Malicious and huge ssh brute force attack (13 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 222.87.204.14 since Mar 21 2012. Add 222.16.0.0/12, 222.32.0.0/11 and 222.64.0.0/11 to the permanent block list.
59.60.7.111/11+	The criminal 59.60.7.111 in the criminal Xiamen HaiJingHotel fujian province in the criminl CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.27) Malicious and huge ssh brute force attack (27 login attempts) focusing on the root password. This is the 4th attack by the criminal 59.60.7.111 since Mar 24 2012, Mar 18 2012 and Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.3.27) Malicious and huge ssh brute force attack (35 login attempts). This is the 16th attack by the criminal 119.188.7.185 since Mar 23 2012, Mar 16 2012, Mar 6 2012, Mar 4 2012, Mar 3 2012, Mar 2 2012, Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.3.27, 2012.3.23, 2012.3.16, 2012.3.6, 2012.3.4, 2012.3.3, 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
190.210.142.75/8	The criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in the criminal NSS S.A. in the criminal IPLAN in República Argentina. (AR) (2012.3.27) Malicious and huge ssh brute force attack (25 login attempts). This is the 10th attack by the criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) since Mar 17 2012, Mar 16 2012, Mar 15 2011, Mar 12 2012, Mar 7 2012, Mar 5 2012, Mar 2 2012 (twice) and Feb 16 - Mar 1 2012. Add 190.0.0.0/8 to the permanent block list.
123.215.30.134/14	123.215.30.134 in NATE (네이트) (NATE = Hanaro Telecom Inc.) in SK Broadband Co Ltd (SK브로드밴드) (KR) (2012.3.26) Malicious and huge ssh brute force attack (627 login attempts). Add 123.212.0.0/14 to the permanent block list.
210.183.236.30/14+	210.183.236.30 in jaedanbeobingangreungjeongbosaneobjinheungwon in Korea Telecom (KR) (2012.3.25) Malicious and huge ssh brute force attack (44 login attempts) focusing on the root password. Add 210.178.0.0/15 and 210.180.0.0/14 to the permanent block list.
208.115.200.37/18	208.115.200.37 (37-200-115-208.static.reverse.lstn.net) in Limestone Networks, Inc. (US) (2012.3.25) Malicious and huge ssh brute force attack (67 and more login attempts).
109.61.8.240/17	109.61.8.240 (109-61-8-240.adsl-fix.dravanet.hu) in HU-Dravanet (Drávanet) (HU) (2012.3.25) Malicious and huge ssh brute force attack (61 and more login attempts). The contact e-mail address richardk@tvnetwork.hu does not work because of '<richardk@tvnetwork.hu>: host smtp.tvnetwork.hu[109.61.0.51] said: 550 user not found (in reply to RCPT TO command)' (2012.3.25) Add 109.61.0.0/17 to the permanent block list.
103.10.170.163/23	103.10.170.163 (ip-163-170.transtech.co.id) in the criminals' heaven network PT Transtech Communication Media (ID) (2012.3.25) Malicious and huge ssh brute force attack (139 and more login attempts). The contact e-mail address ratno@transtech.co.id does not work because of '<ratno@transtech.co.id>: host webmail.transtech.co.id[103.10.170.14] said: 554 5.7.1 Service unavailable; Client host [w.x.y.z] blocked using b.barracudacentral.org;' (2012.3.25) Add 103.10.170.0/23 to the permanent block list.
50.73.218.202/19(/16)	50.73.218.202 (50-73-218-202-philadelpia.hfc.comcastbusiness.net) in Comcast Business Communications, LLC (US) (2012.3.24) Malicious and huge ssh brute force attack (64 login attempts).
59.60.7.111/11+	The criminal 59.60.7.111 in the criminals' paradise Xiamen HaiJingHotel fujian province in the criminls' paradise CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.24) Malicious and huge ssh brute force attack (27 login attempts) focusing on the root password. This is the 3rd attack by the criminal 59.60.7.111 since Mar 18 2012 and Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.3.23) Malicious and huge ssh brute force attack (26 login attempts). This is the 15th attack by the criminal 119.188.7.185 since Mar 16 2012, Mar 6 2012, Mar 4 2012, Mar 3 2012, Mar 2 2012, Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.3.23, 2012.3.16, 2012.3.6, 2012.3.4, 2012.3.3, 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
61.43.139.77/14+	61.43.139.77 in BORANET- LG DACOM Corporation (LG유플러스) (KR) (2012.3.23) Malicious and huge ssh brute force attack (54 and more login attempts) focusing on the root password. Add 61.32.0.0/13 and 61.40.0.0/14 to the permanent block list.
218.78.209.118/11+	218.78.209.118 in CHINANET shanghai province network (中国电信上海信息产业(集团)有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.22-23) Malicious and huge pop brute force attack (2,851 and more login attempts). Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
112.175.183.149/11+	112.175.183.149 in Korea Telecom (KR) (2012.3.22) Malicious and huge ssh brute force attack (124 and more login attempts) focusing on the root password. The contact e-mail address kornet_ip@kt.com does not work because of 'Final-Recipient: rfc822;kornet_ip@kt.com / Action: failed / Status: 5.2.2 / Diagnostic-Code: smtp;554-5.2.2 mailbox full' (2012.3.22) Add 112.144.0.0/12 and 112.160.0.0/11 to the permanent block list.
204.232.201.223/17	204.232.201.223 (lescalepins.com) in lescalepins.com in Slicehost in Rackspace.com (US) (2012.3.22) Malicious and huge ssh brute force attack (63 login attempts). We received an automatic receipt from Rackspace AUP Department. (2012.3.22).
218.248.66.185/16	218.248.66.185 (static.ill.218.248.66.185/24.bsnl.in = cdmanorth.bsnl.in) in cdmanorth.bsnl.in in Bharat Sanchar Nigam Limited (IN) (2012.3.22) Malicious and huge ssh brute force attack (2,814 login attempts). The contact e-mail address abuse@bsnl.in does not work because of '<abuse@bsnl.in>: host mx3.bsnl.in[218.248.240.75] said: 550 Recipient Suspended (in reply to RCPT TO command)' (2012.3.22) Add 218.248.0.0/16 to the permanent block list.
122.146.199.190/15	122.146.199.190 (1122-146-199-190.static.sparqnet.net) in New Century InfoComm Tech. Co., Ltd. (新世紀資通股份有限公司) (TW) (2012.3.22) Malicious and huge ssh brute force attack (121 login attempts) focusing on the root password.
222.87.204.14/11+	222.87.204.14 in CHINANET Guizhou province network (中国电信股份有限公司贵州分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.21) Malicious and huge ssh brute force attack (53 login attempts). Add 222.16.0.0/12, 222.32.0.0/11 and 222.64.0.0/11 to the permanent block list.
80.57.44.242/15	80.57.44.242 (g44242.upc-g.chello.nl) in chello Broadband - UPC Technology (NL) (2012.3.21) Malicious and huge ssh brute force attack (4,438 login attempts).
182.50.0.237/20+	182.50.0.237 in Beijing Linktom Technology Co.,Ltd. (互联互通) (CN) (2012.3.21) Malicious and huge ssh brute force attack (504 login attempts). Add 182.49.0.0/16 and 182.50.0.0/20 to the permanent block list.
12.96.145.150/28(/8)	12.96.145.150 (mail.friendshiphcs.com) in the criminals' heaven network FRIENDSHIP HEALTHCARE SERVICES in AT&T Services, Inc. (US) (2012.3.21) Malicious and huge pop brute force attack (72 login attempts). The contact e-mail address jplantigan@friendshiphcs.com does not work because of '<jplantigan@friendshiphcs.com>: host mail.friendshiphcs.com[12.96.145.150] said: 550 cuda_nsu 5.1.1 User unknown (in reply to RCPT TO command)' (2012.3.21) Add 12.96.145.144/28 to the permanent block list.
124.219.23.68/17	124.219.23.68 (124-219-23-68.vdslpro.static.apol.com.tw) in Asia Pacific On-line Services Inc. (亞太電信) (TW) (2012.3.21) Malicious and huge ssh brute force attack (1,551 and more login attempts) focusing on the root password.
201.39.250.10/7	201.39.250.10 (mx2.mineracaocaraiba.com.br) in Minera??o Cara?ba S/A in Grupo de Seguran?a Internet da Embratel (BR) (2012.3.21) Malicious and huge ssh brute force attack (894 login attempts) focusing on the root password only. Add 200.0.0.0/7 to the permanent block list.
113.108.237.66/10+	113.108.237.66 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.20) Malicious and huge ssh brute force attack (225 and more login attempts) focusing on the root password. Add 113.62.0.0/15, 113.64.0.0/10 and 113.128.0.0/15 to the permanent block list.
79.144.91.55/16	79.144.91.55 (55.Red-79-144-91.dynamicIP.rima-tde.net) in RIMA - Telefonica de Espana SAU (ES) (2012.3.19) Malicious and huge pop brute force attack (1,037 login attempts). We received an automatic receipt from Nemesys Abuse Team. (2012.3.22).
67.205.102.178/18	67.205.102.178 in iWeb Technologies Inc. (CA) (2012.3.19) Malicious and huge ssh brute force attack (7,350 login attempts) focusing on the root password. Add 67.205.64.0/18 to the permanent block list.
62.219.238.196/19	62.219.238.196 (mail2.tikalnetworks.com) in Tikal Networks in BEZEQINTs (IL) (2012.3.18) Malicious and huge ssh brute force attack (50 login attempts) focusing on the root password only. We received a good receipt from Bezeq International – Abuse Team. (2012.3.20).
59.60.7.111/11+	The criminals' host 59.60.7.111 in the criminals' paradise Xiamen HaiJingHotel fujian province in the criminls' paradise CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.18) Malicious and huge ssh brute force attack (27 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 59.60.7.111 since Mar 11-15 2012. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
218.108.85.250/15+	218.108.85.250 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.3.18) Malicious and huge ssh brute force attack (1,440 login attempts) focusing on the root password. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 58.100.230.11 (Feb 4 2012), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Feb 21 2012, Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.243 (Feb 21 2012 and Jan 12 2012), 218.108.85.244 (May 23 2010), 218.108.85.250 (Mar 18 2012), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Feb 1 2012, Jan 12 2012, Jan 8 2012 (twice), Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.236.125 (Jan 29 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), and more and more criminals (before 2010) Add 58.99.128.0/17, 58.100.0.0/15, 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
216.144.251.27/20	216.144.251.27 (104-210-63-74.static.reverse.lstn.net) in XenonServers.com in Limestone Networks, Inc. (US) (2012.3.18) Malicious and huge pop brute force attack (51 login attempts).
190.210.142.75/8	The criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in the criminal NSS S.A. in the criminal IPLAN (AR) (2012.3.17) Malicious and huge ssh brute force attack (25 login attempts). This is the 9th attack by the criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) since Mar 16 2012, Mar 15 2011, Mar 12 2012, Mar 7 2012, Mar 5 2012, Mar 2 2012 (twice) and Feb 16 - Mar 1 2012. Add 190.0.0.0/8 to the permanent block list.
61.132.255.107/10	The criminals' host 61.132.255.107 in CHINANET Anhui province network (中国电信股份有限公司安徽分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.17) Malicious and huge ssh brute force attack (1 login attempts). This is the 2nd attack by the criminals' host 61.132.255.107 since Dec 13 2011. Add 61.128.0.0/10 to the permanent block list.
61.155.9.239/10	61.155.128.32 in CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.17) Malicious and huge ssh brute force attack (58 login attempts) focusing on the root password only. Add 61.128.0.0/10 to the permanent block list.
85.114.129.177/19	85.114.129.177 ((w177.white.fastwebserver.de) in fast IT Colocation in fibre one networks GmbH (DE) (2012.3.17) Malicious and huge ssh brute force attack (57 login attempts) focusing on the root password.
190.210.142.75/8	The criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in the criminal NSS S.A. in the criminal IPLAN (AR) (2012.3.16) Malicious and huge ssh brute force attack (25 login attempts). This is the 8th attack by the criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) since Mar 15 2011, Mar 12 2012, Mar 7 2012, Mar 5 2012, Mar 2 2012 (twice) and Feb 16 - Mar 1 2012. Add 190.0.0.0/8 to the permanent block list.
124.133.48.92/13+	The criminals' host 124.133.48.92 in JiNan-aindiwangliankejiyouxiangongsi in CNC Group CHINA169 Shandong Province Network in China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通). (CN) (2012.3.16) Malicious and huge ssh brute force attack (138 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 124.133.48.92 since Oct 14-28 2011. Add 124.126.0.0/15 and 124.128.0.0/13 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.3.16) Malicious and huge ssh brute force attack (1 login attempts). This is the 14th attack by the criminal 119.188.7.185 since Mar 6 2012, Mar 4 2012, Mar 3 2012, Mar 2 2012, Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.3.16, 2012.3.6, 2012.3.4, 2012.3.3, 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
210.152.137.133/17	210.152.137.133 (s210-152-137-133.z-cloud.jp = www.kobebussan.co.jp) in KOBE BUSSAN CO., LTD. in FirstServer, Inc. (JP) (2012.3.16) Malicious and huge ssh brute force attack (36 login attempts) focusing on the root password only.
61.148.75.130/10	61.148.75.130 in yingzeerceng Co. in China Unicom Beijing province network (中国联合网络通信有限公司北京市分公司) in CHINA UNICOM (中国联通) (CN) (2012.3.16) Malicious and huge ssh brute force attack (429 login attempts) focusing on the root password. Add 61.128.0.0/10 to the permanent block list.
59.60.7.111/11+	59.60.7.111 in Xiamen HaiJingHotel fujian province in CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.11-15) Malicious and huge ssh brute force attack (54 login attempts) focusing on the root password. Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
189.85.224.12/8+	189.85.224.12 (189-85-224-12.ded.unitelco.com.br) in Universal Telecom S.A. (BR) (2012.3.15) Malicious and huge ssh brute force attack (454 login attempts) focusing on the root password. Add 189.0.0.0/8 and 190.0.0.0/8 to the permanent block list.
190.210.142.75/8	The criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in the criminal NSS S.A. in the criminals' paradise IPLAN (AR) (2012.3.15) Malicious and huge ssh brute force attack (25 login attempts). This is the 6th attack by the criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) since Mar 12 2012, Mar 7 2012, Mar 5 2012, Mar 2 2012 (twice) and Feb 16 - Mar 1 2012. Add 190.0.0.0/8 to the permanent block list.
113.160.144.156/16	113.160.144.156 in Dai IP dong su dung cho ket noi ADSL tai Ha Noi in VietNam Post and Telecom Corporation (VNPT) (VN) (2012.3.14) Malicious and huge ssh brute force attack (221 login attempts) focusing on the root password only.
123.22.7.200/16	123.22.7.200 in VietNam Post and Telecom Corporation (VNPT) (VN) (2012.3.14) Malicious and huge ssh brute force attack (221 login attempts) focusing on the root password only.
183.7.135.58/10+	183.7.135.58 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.14) Malicious and huge smtp auth attempts (122 login attempts). Add 183.0.0.0/10 and 183.64.0.0/13 to the permanent block list.
50.74.57.162/15	50.74.57.162 (rrcs-50-74-57-162.nyc.biz.rr.com) in the criminals' heaven network Road Runner HoldCo LLC (US) (2012.3.8, mail error 2012.3.14) Malicious and huge ssh brute force attack (38 login attempts) focusing on the root password. The contact e-mail address abuse@rr.com does not work because of '<abuse@rr.com>: connect to hrndva-postmx01.mail.rr.com[71.74.56.227]: Connection timed out (2012.3.14) Add 50.74.0.0/15 to the permanent block list.
69.65.6.36/20(/18)	69.65.6.36 in Ecomdevel, LLC in coloquest.com in IPNAP / GigeNET (US) (2012.3.13) Malicious and huge ssh brute force attack (114 and more login attempts).
222.45.235.77/11+	The criminals' host 222.45.235.77 in CHINA RAILWAY TELECOMMUNICATIONS CENTER (中国铁通). (CN) (2012.3.13) Malicious and huge ssh brute force attack (9 login attempts). This is the 2nd attack by the criminals' host 222.45.235.77 since Nov 7 2011. Add 222.16.0.0/12, 222.32.0.0/11 and 222.64.0.0/11 to the permanent block list.
82.7.165.5/14(/11)	The criminals' host 82.7.165.5 in NTL Internet / Virgin Media (GB) (2012.3.13) Malicious and huge pop brute force attack (57 login attempts). This is the 2nd attack by the criminals' host 82.7.165.5 since Feb 13 2012. Add 82.4.0.0/14 to the permanent block list.
209.239.114.13/20	209.239.114.13 (usloft1029.serverloft.com) in Hosting Solutions International, Inc. in serverloft (US) (2012.3.13) Malicious and huge ssh brute force attack (182 login attempts) focusing on the root password. We received a good receipt from Hosting Solutions International, Inc. (2012.3.13).
209.142.0.120/18	209.142.0.120 (209-142-0-120.stk.static.inreach.net) in InReach Internet (US) (2012.3.12) Malicious and huge ssh brute force attack (114 login attempts) focusing on the root password.
190.210.142.75/8	The criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in the criminal NSS S.A. in the criminals' paradise IPLAN (AR) (2012.3.12) Malicious and huge ssh brute force attack (25 login attempts). This is the 6th attack by the criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) since Mar 7 2012, Mar 5 2012, Mar 2 2012 (twice) and Feb 16 - Mar 1 2012. Add 190.0.0.0/8 to the permanent block list.
61.253.249.157/13	The criminal 61.253.249.157 (www.michang.co.kr) in the criminals' comapny MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminals' paradise SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea. (KR) (2012.3.12 twice) Malicious and huge ssh brute force attack (23 login attempts) focusing on the root password only. This is the 21st attack by the criminal 61.253.249.157 (www.michang.co.kr) in the criminals' company MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminals' paradise SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea since Mar 12 2012 (taoday), Mar 1 2012, eb 29 2012, Feb 28 2012 (twice), Feb 24 2012, Feb 22 2012, Feb 19 2012, Feb 17 2012 (twice), 16 2012, Feb 15 2012, Feb 13 2012, Feb 12 2012, Feb 9 2012, Feb 8 2012 (twice), Feb 7 2012, Feb 6 2012 and Feb 2-6 2011. Add 61.248.0.0/13 to the permanent block list.
213.128.83.108/19	213.128.83.108 (213-128-83-108.turkrdns.com) in Sayfa Net (TR) (2012.3.12) Malicious and huge ssh brute force attack (40 and more login attempts) focusing on the root password. Add 213.128.64.0/19 to the permanent block list.
74.63.210.104/18	74.63.210.104 (104-210-63-74.static.reverse.lstn.net) in Limestone Networks, Inc. (US) (2012.3.12) Malicious and huge pop brute force attack (54 login attempts).
183.7.85.61/10+	183.7.85.61 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.12) Malicious and huge smtp auth attempts (122 login attempts). Add 183.0.0.0/10 and 183.64.0.0/13 to the permanent block list.
61.253.249.157/13	The criminal 61.253.249.157 (www.michang.co.kr) in the criminals' comapny MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminals' paradise SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea. (KR) (2012.3.12) Malicious and huge ssh brute force attack (23 login attempts) focusing on the root password only. This is the 20th attack by the criminal 61.253.249.157 (www.michang.co.kr) in the criminals' company MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminals' paradise SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea since Mar 1 2012, eb 29 2012, Feb 28 2012 (twice), Feb 24 2012, Feb 22 2012, Feb 19 2012, Feb 17 2012 (twice), 16 2012, Feb 15 2012, Feb 13 2012, Feb 12 2012, Feb 9 2012, Feb 8 2012 (twice), Feb 7 2012, Feb 6 2012 and Feb 2-6 2011. Add 61.248.0.0/13 to the permanent block list.
122.227.232.158/12+	The criminals' host 122.227.232.158 in NINGBO-TIANTIAN-LTD in the criminals' network CHINANET-ZJ Ningbo (中国电信浙江分公司) in the crimianls' heaven network CHINA TELECOM (中国电信集团公司) (CN) (2012.3.12) Malicious and huge ssh brute force attack (46 login attempts). This is the 2nd attack by the criminals' host 122.227.232.158 since Mar 6-11 2012. The contact e-mail address anti_spam@mail.nbptt.zj.cn does not work because of '<anti_spam@mail.nbptt.zj.cn>: host mx.mailzj.cn[60.191.88.156] said: 550 #2175042 looks like spam mail box is full (in reply to DATA command)' (2012.3.12) Add 122.224.0.0/12 and 122.240.0.0/13 to the permanent block list.
116.55.245.45/14+	116.55.245.45 (45.245.55.116.broad.km.yn.dynamic.163data.com.cn) in CHINANET yunnan province network in the criminals' heaven network CHINA TELECOM (中国电信集团公司) (CN) (2012.3.11) Malicious and huge ssh brute force attack (44 login attempts) focusing on the root password. The contact e-mail address ynipm@126.com does not work because of '<ynipm@126.com>: host 126mx01.mxmail.netease.com[220.181.15.134] said: 550 User not found: ynipm@126.com (in reply to RCPT TO command)' (2012.3.12) Add 116.52.0.00/14 and 116.56.0.00/15 to the permanent block list.
183.7.90.58/10+	183.7.90.58 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.11) Malicious and huge smtp auth attempts (122 login attempts). Add 183.0.0.0/10 and 183.64.0.0/13 to the permanent block list.
64.246.178.2/19	64.246.178.2 in Compass Communications, Inc. (US) (2012.3.6, mail error 2012.3.11) Malicious and huge ssh brute force attack (122 login attempts). The contact e-mail address hostmaster@ccom.net does not work because of '<hostmaster@ccom.net>: connect to spb.mrelay.com[64.246.178.123]: Connection timed out' (2012.3.11) Add 64.246.160.0/19 to the permanent block list.
122.227.232.158/12+	122.227.232.158 in NINGBO-TIANTIAN-LTD in the criminals' heaven network CHINANET-ZJ Ningbo (中国电信浙江分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.6-11) Malicious and huge ssh brute force attack (92 login attempts) focusing on the root password. The contact e-mail address anti_spam@mail.nbptt.zj.cn does not work because of '<anti_spam@mail.nbptt.zj.cn>: host mx.mailzj.cn[60.191.88.156] said: 550 #2175042 looks like spam mail box is full (in reply to DATA command)' (2012.3.11) Add 122.224.0.0/12 and 122.240.0.0/13 to the permanent block list.
91.193.220.170/21+	91.193.220.170 in Lofis LLC (ЛОИС-нэт) (RU) (2012.3.10) Malicious and huge ssh brute force attack (96 login attempts) focusing on the root password only. Add 91.193.212.0/22, 91.193.216.0/21 and 91.193.224.0/21 to the permanent block list.
219.71.160.91/15	219.71.160.91 in Hoshin Multimedia Center Inc in kbtelecom.net (中嘉和網股份有限公司) (TW) (2012.3.10) Malicious and huge ssh brute force attack (259 login attempts) focusing on the root password.
201.42.143.100/7	201.42.143.100 (201-42-143-100.dsl.telesp.net.br) in TELEF?NICA BRASIL S.A (BR) (2012.3.4, mail error 2012.3.10) Malicious and huge ssh brute force attack (84 and more login attempts) focusing on the root password. The contact e-mail address security@telesp.net.br does not work because of '<security@telesp.net.br>: connect to gbrsecurity02.telesp.net.br[200.171.222.87]: Connection timed out' (2012.3.10) Add 200.0.0.0/7 to the permanent block list.
96.226.123.22/11	96.226.123.22 (static-96-226-123-22.dllstx.fios.verizon.net) in Verizon Online LLC (US) (2012.3.9) Malicious and huge ssh brute force attack (5,297 login attempts) focusing on the root password.
61.188.189.172/10	61.188.189.172 (172.189.188.61.broad.nc.sc.dynamic.163data.com.cn) in CHINANET Sichuan province network (中国电信四川有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.9) Malicious and huge ssh brute force attack (42 login attempts) focusing on the root password only. Add 61.128.0.0/10 to the permanent block list.
218.26.171.20/11	218.26.171.20 (20.171.26.218.internet.sx.cn) in yingzeerceng Co. in CNC Group CHINA169 Shanxi Province Network (山西网) in CHINA UNICOM (中国联通) (CN) (2012.3.8) Malicious and huge ssh brute force attack (68 login attempts) focusing on the root password only. Add 218.0.0.0/11 to the permanent block list.
190.210.142.75/8	The criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in the criminals' network NSS S.A. in the criminals' network IPLAN (AR) (2012.3.7) Malicious and huge ssh brute force attack (25 login attempts). This is the 5th attack by the criminals' host 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) since Mar 5 2012, Mar 2 2012 (twice) and Feb 16 - Mar 1 2012. Add 190.0.0.0/8 to the permanent block list.
80.91.181.43/19	80.91.181.43 (do.iapm.edu.ua) in Interregional Academy of Personnel Management in DATAGROUP (UA) (2012.3.7) Malicious and huge ssh brute force attack (175 login attempts) focusing on the root password.
202.144.156.46/19	202.144.156.46 (dhcp46.bt.bt) in Bhutan Telecom (BT) (2012.3.7) Malicious and huge ssh brute force attack (87 login attempts).
183.7.131.150/10+	183.7.131.150 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.6) Malicious and huge smtp auth attempts (122 login attempts). Add 183.0.0.0/10 and 183.64.0.0/13 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.3.6) Malicious and huge ssh brute force attack (46 login attempts). This is the 13th attack by the criminal 119.188.7.185 since Mar 4 2012, Mar 3 2012, Mar 2 2012, Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.3.6, 2012.3.4, 2012.3.3, 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
219.140.165.85/11	The criminal 219.140.165.85 in the criminal Hubei Telecom Wuhan Branch (No.1 HongShan Road Wuhan city, Hubei Province P.R.China, phone:+86-27-87811065, phone:+86-27-87897599, fax-no:+86-27-87811653) in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) (8th floor of JinGuang Building, #232 of Macao Road, HanKou Wuhan Hubei Province, P.R.China, phone:+86 27 82862199, fax-no:+86 27 82861499) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.3.6) Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password. This is the 18th attack by 219.140.165.85 in the criminal Hubei Telecom Wuhan Branch in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China since Feb 28 2012, Feb 25 2012 (twice), Feb 18 2012, Feb 16 2012, Feb 13 2012, Feb 11 2012, Feb 7 2012, Feb 6 2012, Feb 1 2012, Jan 31 2012, Jan 23 2012 (twice), Jan 20 2012, Jan 17 2012, Jan 15 2012 and Jan 14 2012. Add 219.128.0.0/11 to the permanent block list.
78.42.99.44/15	78.42.99.44 in Kabel Baden-Wuerttemburg GmbH & Co. KG (DE) (2012.3.5) Malicious and huge ssh brute force attack (150 login attempts) focusing on the root password only.
62.141.81.116/18	62.141.81.116 in Sovintel, aka Golden Telecom (RU) (2012.3.5) Malicious and huge ssh brute force attack (112 login attempts) focusing on the root password. Add 62.141.64.0/18 to the permanent block list.
203.157.94.20/16	203.157.94.20 in Ministry of Public Health, Thailand (TH) (2012.3.5) Malicious and huge http vulnerability probes (57 probes).
112.220.100.226/13	The criminals' host 112.220.100.226 in BORANET- LG DACOM Corporation (LG유플러스) (KR) (2012.3.5) Malicious and huge ssh brute force attack (367 login attempts) focusing on the root password only. This is the 2nd attack by the criminals' host 112.220.100.226 since Mar 4 2012. Add 112.216.0.0/13 to the permanent block list.
218.23.208.79/11	218.23.208.79 in the criminals' heaven network CHINANET Anhui province network (中国电信股份有限公司安徽分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.3.5) Malicious and huge ssh brute force attack (33 login attempts) focusing on the root password only. Add 218.0.0.0/11 to the permanent block list.
190.210.142.75/8	The criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in NSS S.A. in the criminals' heaven network IPLAN (AR) (2012.3.5) Malicious and huge ssh brute force attack (24 login attempts). This is the 4th attack by the criminals' host 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) since Mar 2 2012 (twice) and Feb 16 - Mar 1 2012. Add 190.0.0.0/8 to the permanent block list.
60.12.32.134/11	60.12.32.134 in China Unicom Zhejiang province network (浙江联通) in CHINA UNICOM (中国联通) (CN) (2012.2.28, mail error 2012.3.4) Malicious and huge ssh brute force attack (208 login attempts). The contact e-mail address ipmaster@zjnetcom.com does not work because of '<ipmaster@zjnetcom.com>: lost connection with zjnetcom.com[221.12.14.100] while sending RCPT TO' (2012.3.4) Add 60.0.0.0/11 to the permanent block list.
202.103.30.24/12+	The criminal 202.103.30.24 in the crimianal WuHan Talent Market in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.3.4) Malicious and huge ssh brute force attack (7 login attempts) focusing on the root password only. This is the 10th attack by the criminal 202.103.30.24 since Mar 1 2012, Feb 29 2012, Feb 27 2012, Feb 20 2012, Feb 19 2012, Feb 18 2012, Feb 17 2012, Feb 15 2012 and Feb 2-14 2012. Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
112.220.100.226/13	112.220.100.226 in BORANET- LG DACOM Corporation (LG유플러스) (KR) (2012.3.4) Malicious and huge ssh brute force attack (367 login attempts) focusing on the root password only. Add 112.216.0.0/13 to the permanent block list.
61.145.118.190/10	The criminal 61.145.118.190 in the crimianl shanghaiwangsukejigufenyouxiang in the crimianl CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.3.4) Malicious and huge ssh brute force attack (54 login attempts). This is the 4th attack by the criminal 61.145.118.190 since Feb 28 2012, Dec 12 2011 and May 13 2011. Add 61.128.0.0/10 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.3.4) Malicious and huge ssh brute force attack (46 login attempts). This is the 12th attack by the criminal 119.188.7.185 since Mar 3 2012, Mar 2 2012, Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.3.3, 2012.3.3, 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
88.12.27.38/16	88.12.27.38 (38.Red-88-12-27.staticIP.rima-tde.net) in RIMA (Red IP Multi Acceso) in Telefonica de Espana (ES) (2012.3.4) Malicious and huge ssh brute force attack (80 login attempts) focusing on the root password. We received a receipt from Nemesys Abuse Team. (2012.3.5).
211.49.170.149/11	211.49.170.149 (istyles.co.kr) in istyles.co.kr in the criminals' paradise SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in NATE (네이트) (NATE = Hanaro Telecom Inc.) (KR) (2012.3.3) Malicious and huge ssh brute force attack (183 login attempts). Add 211.32.0.0/11 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.3.3) Malicious and huge ssh brute force attack (41 login attempts). This is the 11th attack by the criminal 119.188.7.185 since Mar 2 2012, Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.3.3, 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
206.212.242.98/20	206.212.242.98 (seo-host.com) in Colostore.com (US) (2012.3.3) Malicious and huge ssh brute force attack (45 login attempts) focusing on the root password only.
85.214.100.132/15	85.214.100.132 (h1943939.stratoserver.net) in Strato Rechenzentrum (DE) (2012.3.3) Malicious and huge pop brute force attack (59 login attempts).
61.19.124.106/18	61.19.124.106 (www.sirinhospital.go.th) in Sirindhorn Hospital (โรงพยาบาลสิรินธร) in CAT Telecom Public Company Ltd (TH) (2012.3.3) Malicious and huge pop brute force attack (1,362 login attempts).
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.3.2) Malicious and huge ssh brute force attack (58 login attempts). This is the 10th attack by the criminal 119.188.7.185 since Mar 1 2012, Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.3.2, 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
190.210.142.75/8	The criminal 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in NSS S.A. in IPLAN (AR) (2012.3.2) Malicious and huge ssh brute force attack (41 login attempts) focusing on the root password only. This is the 3rd attack by the criminals' host 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) since Mar 2 2012 (today) and Feb 16 - Mar 1 2012. Add 190.0.0.0/8 to the permanent block list.
190.210.142.75/8	The criminals' host 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in NSS S.A. in IPLAN (AR) (2012.3.2) Malicious and huge ssh brute force attack (41 login attempts) focusing on the root password only. This is the 2nd attack by the criminals' host 190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) since Feb 16 - Mar 1 2012. Add 190.0.0.0/8 to the permanent block list.
190.210.142.75/8	190.210.142.75 (ustomer-static-210-142-75.iplannetworks.net) in NSS S.A. in IPLAN (AR) (2012.2.16-3.1) Malicious and huge ssh brute force attack (62 login attempts) focusing on the root password only. Add 190.0.0.0/8 to the permanent block list.
202.103.30.24/12+	The criminal 202.103.30.24 in the crimianal WuHan Talent Market in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.3.1) Malicious and huge ssh brute force attack (4 login attempts) focusing on the root password only. This is the 9th attack by the criminal 202.103.30.24 since Feb 29 2012, Feb 27 2012, Feb 20 2012, Feb 19 2012, Feb 18 2012, Feb 17 2012, Feb 15 2012 and Feb 2-14 2012. Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
61.253.249.157/13	The criminal 61.253.249.157 (www.michang.co.kr) in the criminals' comapny MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminals' paradise SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea. (KR) (2012.3.1) Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password. This is the 19th attack by the criminal 61.253.249.157 (www.michang.co.kr) in the criminal MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminals' paradise SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea since Feb 29 2012, Feb 28 2012 (twice), Feb 24 2012, Feb 22 2012, Feb 19 2012, Feb 17 2012 (twice), 16 2012, Feb 15 2012, Feb 13 2012, Feb 12 2012, Feb 9 2012, Feb 8 2012 (twice), Feb 7 2012, Feb 6 2012 and Feb 2-6 2011. Add 61.248.0.0/13 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.3.1) Malicious and huge ssh brute force attack (41 login attempts). This is the 9th attack by the criminal 119.188.7.185 since Feb 26 2012, Feb 25 2012, Feb 12 2012, Dec 24 2012, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.3.1, 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
69.162.82.58/20	69.162.82.58 (58-82-162-69.static.reverse.lstn.net) in XenonServers.com in Limestone Networks, Inc. (US) (2012.3.1) Malicious and huge smtp auth attempts (100 login attempts).
200.201.200.91/7	200.201.200.91 in MATRIX INTERNET S.A.. (BR) (2012.2.29) Malicious and huge ssh brute force attack (357 login attempts). Add 200.0.0.0/7 to the permanent block list.
210.75.6.55/14+	210.75.6.55 in NovaNetwork (南凌科技). (CN) (2012.2.29) Malicious and huge ssh brute force attack (187 login attempts) focusing on the root password only. Add 210.72.0.0/14, 210.76.0.0/15 and 210.78.0.0/16 to the permanent block list.
60.210.0.18/12+	60.210.0.18 in China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通). (CN) (2012.2.11-29) Malicious and huge ssh brute force attack (60 login attempts). Add 60.200.0.0/13 and 60.208.0.0/12 to the permanent block list.
61.253.249.157/13	The criminal 61.253.249.157 (www.michang.co.kr) in the criminals' comapny MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminals' paradise SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea. (KR) (2012.2.29) Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password. This is the 18th attack by the criminal 61.253.249.157 (www.michang.co.kr) in the criminal MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminals' paradise SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea since Feb 28 2012 (twice), Feb 24 2012, Feb 22 2012, Feb 19 2012, Feb 17 2012 (twice), 16 2012, Feb 15 2012, Feb 13 2012, Feb 12 2012, Feb 9 2012, Feb 8 2012 (twice), Feb 7 2012, Feb 6 2012 and Feb 2-6 2011. Add 61.248.0.0/13 to the permanent block list.
202.103.30.24/12+	The criminal 202.103.30.24 in the crimianal WuHan Talent Market in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.2.29) Malicious and huge ssh brute force attack (10 login attempts) focusing on the root password only. This is the 8th attack by the criminal 202.103.30.24 since Feb 27 2012, Feb 20 2012, Feb 19 2012, Feb 18 2012, Feb 17 2012, Feb 15 2012 and Feb 2-14 2012. Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
89.207.135.166/21	89.207.135.166 in Snel Internet Services B.V. (NL) (2012.2.29) Malicious and huge ssh brute force attack (676 login attempts). We received an automatic receipt from Snel Internet Services B.V.. (2012.2.29). We received a good report from Snel Internet Services B.V.. (2012.2.29).
61.253.249.157/13	The criminal 61.253.249.157 (www.michang.co.kr) in the criminals' comapny MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminal SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea. (KR) (2012.2.28) Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password. This is the 17th attack by the criminal 61.253.249.157 (www.michang.co.kr) in the criminal MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminal SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea since Feb 28 2012 (today), Feb 24 2012, Feb 22 2012, Feb 19 2012, Feb 17 2012 (twice), 16 2012, Feb 15 2012, Feb 13 2012, Feb 12 2012, Feb 9 2012, Feb 8 2012 (twice), Feb 7 2012, Feb 6 2012 and Feb 2-6 2011. Add 61.248.0.0/13 to the permanent block list.
219.140.165.85/11	The criminal 219.140.165.85 in the criminal Hubei Telecom Wuhan Branch (No.1 HongShan Road Wuhan city, Hubei Province P.R.China, phone:+86-27-87811065, phone:+86-27-87897599, fax-no:+86-27-87811653) in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) (8th floor of JinGuang Building, #232 of Macao Road, HanKou Wuhan Hubei Province, P.R.China, phone:+86 27 82862199, fax-no:+86 27 82861499) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.2.28) Malicious and huge ssh brute force attack (2 login attempts) focusing on the root password only. This is the 17th attack by 219.140.165.85 in the criminal Hubei Telecom Wuhan Branch in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China since Feb 25 2012 (twice), Feb 18 2012, Feb 16 2012, Feb 13 2012, Feb 11 2012, Feb 7 2012, Feb 6 2012, Feb 1 2012, Jan 31 2012, Jan 23 2012 (twice), Jan 20 2012, Jan 17 2012, Jan 15 2012 and Jan 14 2012. Add 219.128.0.0/11 to the permanent block list.
61.253.249.157/13	The criminal 61.253.249.157 (www.michang.co.kr) in the criminals' comapny MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminal SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea. (KR) (2012.2.28) Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password. This is the 16th attack by the criminal 61.253.249.157 (www.michang.co.kr) in the criminal MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminal SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea since Feb 24 2012, Feb 22 2012, Feb 19 2012, Feb 17 2012 (twice), 16 2012, Feb 15 2012, Feb 13 2012, Feb 12 2012, Feb 9 2012, Feb 8 2012 (twice), Feb 7 2012, Feb 6 2012 and Feb 2-6 2011. Add 61.248.0.0/13 to the permanent block list.
222.39.47.90/11+	222.39.47.90 in Beijing hayuxingshegn Co., Ltd in CHINA RAILWAY TELECOMMUNICATIONS CENTER (中国铁通) (CN) (2012.2.28) Malicious and huge ssh brute force attack (68 login attempts) focusing on the root password only. Add 222.16.0.0/12, 222.32.0.0/11 and 222.64.0.0/11 to the permanent block list.
61.145.118.190/10	The criminal 61.145.118.190 in the crimianls' heaven network shanghaiwangsukejigufenyouxiang in the crimianls' heaven network CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.2.28) Malicious and huge ssh brute force attack (54 login attempts). This is the 3rd attack by the criminals' host 61.145.118.190 since Dec 12 2011 and May 13 2011. Add 61.128.0.0/10 to the permanent block list.
216.144.250.145/20	216.144.250.145 (145-250-144-216.static.reverse.lstn.net) in XenonServers.com in Limestone Networks, Inc. (US) (2012.2.27) Malicious and huge pop brute force attack (84 and more login attempts).
202.103.30.24/12+	The criminal 202.103.30.24 in the crimianal WuHan Talent Market in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.2.27) Malicious and huge ssh brute force attack (10 login attempts) focusing on the root password only. This is the 7th attack by the criminal 202.103.30.24 since Feb 20 2012, Feb 19 2012, Feb 18 2012, Feb 17 2012, Feb 15 2012 and Feb 2-14 2012. Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
27.115.6.2/17	27.115.6.2 in caishengcai-food-Ltd in CHINA UNICOM Shanghai city network (中国联通上海分公司) in CHINA UNICOM (中国联通) (CN) (2012.2.27) Malicious and huge ssh brute force attack (48 login attempts) focusing on the root password. Add 27.115.0.0/17 to the permanent block list.
213.243.116.99/18	The criminal 213.243.116.99 (host-99-116-243-213.rusmedia.ru) in VOSKHOD-NET in Rusmedia NCC (SYNTERRA Joint Stock Company, Voroncovskaya St., 35"B"/3, 109147 Moscow, Russia) (RU) (2012.2.27) Malicious and huge ssh brute force attack (5 login attempts) focusing on the root password only. This is the 3rd attack by the criminal 213.243.116.99 (host-99-116-243-213.rusmedia.ru) since Feb 24 2012 and Feb 22 2012. Add 213.243.64.0/18 to the permanent block list.
125.71.200.66/11+	125.71.200.66 in CHINANET Sichuan province network (中国电信四川有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.2.27) Malicious and huge ssh brute force attack (199 login attempts) focusing on the root password. Add 125.61.128.0/17, 125.62.0.0/15, 125.64.0.0/11, 125.96.0.0/15 and 125.98.0.0/16 to the permanent block list.
218.145.31.4/12	218.145.31.4 in Korea Telecom (KR) (2012.2.26) Malicious and huge ssh brute force attack (27 login attempts) focusing on the root password only. This is the 2nd attack by 218.145.31.4 since Feb 26 2012 (today). Add 218.144.0.0/12 to the permanent block list.
218.145.31.4/12	218.145.31.4 in Korea Telecom (KR) (2012.2.26) Malicious and huge ssh brute force attack (27 login attempts) focusing on the root password only. Add 218.144.0.0/12 to the permanent block list.
222.237.78.142/13	The criminal 222.237.78.142 (222-237-78-142.tongkni.co.kr = roadmarker.kr) in the criminal roadmarker.kr in the criminal tongkni (통큰아이) in the criminal SK Broadband Co Ltd (SK브로드밴드) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea (KR) (2012.2.26) Malicious and huge ssh brute force attack (312 login attempts). This is the 5th attack by the criminal 222.237.78.142 (222-237-78-142.tongkni.co.kr = roadmarker.kr) since Jan 23 2012, Dec 31 2011, Dec 12 2011 and Sep 9 2011. Add 222.232.0.0/13 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.2.26) Malicious and huge ssh brute force attack (15 login attempts) focusing on the root password. This is the 8th attack by the criminal 119.188.7.185 since Feb 15 2012, Feb 12 2012, Dec 24 2011, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.2.26, 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
94.228.192.82/20	94.228.192.82 in Uniontel ZAO (RU) (2012.2.26) Malicious and huge ssh brute force attack (52 and more login attempts). Add 94.228.192.0/20 to the permanent block list.
219.140.165.85/11	The criminal 219.140.165.85 in the criminal Hubei Telecom Wuhan Branch (No.1 HongShan Road Wuhan city, Hubei Province P.R.China, phone:+86-27-87811065, phone:+86-27-87897599, fax-no:+86-27-87811653) in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) (8th floor of JinGuang Building, #232 of Macao Road, HanKou Wuhan Hubei Province, P.R.China, phone:+86 27 82862199, fax-no:+86 27 82861499) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.2.25) Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password. This is the 16th attack by 219.140.165.85 in the criminal Hubei Telecom Wuhan Branch in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China since Feb 25 2012 (today), Feb 18 2012, Feb 16 2012, Feb 13 2012, Feb 11 2012, Feb 7 2012, Feb 6 2012, Feb 1 2012, Jan 31 2012, Jan 23 2012 (twice), Jan 20 2012, Jan 17 2012, Jan 15 2012 and Jan 14 2012. Add 219.128.0.0/11 to the permanent block list.
91.227.220.114/22	91.227.220.114 in VooServers Ltd (GB) (2012.2.25) Malicious and huge ssh brute force attack (62 and more login attempts) focusing on the root password. We received a receipt from VooServers Ltd. (2012.2.27).
119.188.7.185/12	The criminal 119.188.7.185 in the crimianl China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in the criminal CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2012.2.25) Malicious and huge ssh brute force attack (12 login attempts) focusing on the root password. This is the 7th attack by the criminal 119.188.7.185 since Feb 12 2012, Dec 24 2011, Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2012.2.25, 2012.2.12, 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
218.75.199.72/11+	The criminals' host 218.75.199.72 in the criminals' heaven network CHINANET HuNan ZhuZhou in the criminals' heaven network CHINANET HuNan (中国电信股份有限公司湖南分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.2.25) Malicious and huge ssh brute force attack (35 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 218.75.199.72 since Feb 13 2012. Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
218.75.172.161/11+	218.75.172.161 in CHINANET Hunan province network (中国电信股份有限公司湖南分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.2.6-25) Malicious and huge ssh brute force attack (87 and more login attempts) focusing on the root password. Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
219.140.165.85/11	The criminal 219.140.165.85 in the criminal Hubei Telecom Wuhan Branch (No.1 HongShan Road Wuhan city, Hubei Province P.R.China, phone:+86-27-87811065, phone:+86-27-87897599, fax-no:+86-27-87811653) in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) (8th floor of JinGuang Building, #232 of Macao Road, HanKou Wuhan Hubei Province, P.R.China, phone:+86 27 82862199, fax-no:+86 27 82861499) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.2.25) Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password. This is the 15th attack by 219.140.165.85 in the criminal Hubei Telecom Wuhan Branch in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China since Feb 18 2012, Feb 16 2012, Feb 13 2012, Feb 11 2012, Feb 7 2012, Feb 6 2012, Feb 1 2012, Jan 31 2012, Jan 23 2012 (twice), Jan 20 2012, Jan 17 2012, Jan 15 2012 and Jan 14 2012. Add 219.128.0.0/11 to the permanent block list.
125.72.127.134/11+	The criminals' host 125.72.127.134 in XiNing Telecom in CHINANET QINGHAI province network (中国电信青海公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.2.19, mail error 2012.2.24) Malicious and huge pop brute force attack (876 login attempts). This is the 2nd attack by the criminals' host 125.72.127.134 since Dec 28 2011. The contact e-mail address liuchh@public.xn.qh.cn does not work because of '<liuchh@public.xn.qh.cn>: connect to public.xn.qh.cn[125.72.125.130]: Connection timed out' (2012.2.24) And the contact e-mail address pangph@public.xn.qh.cn does not work because of '<pangph@public.xn.qh.cn>: connect to public.xn.qh.cn[125.72.125.130]:25: Connection refused' (2012.1.2) Add 125.61.128.0/17, 125.62.0.0/15, 125.64.0.0/11, 125.96.0.0/15 and 125.98.0.0/16 to the permanent block list.
213.243.116.99/18	The criminals' host 213.243.116.99 (host-99-116-243-213.rusmedia.ru) in VOSKHOD-NET in Rusmedia NCC (SYNTERRA Joint Stock Company, Voroncovskaya St., 35"B"/3, 109147 Moscow, Russia) (RU) (2012.2.24) Malicious and huge ssh brute force attack (89 login attempts). This is the 2nd attack by the criminals' host 213.243.116.99 (host-99-116-243-213.rusmedia.ru) since Feb 22 2012. Add 213.243.64.0/18 to the permanent block list.
61.253.249.157/13	The criminal 61.253.249.157 (www.michang.co.kr) in the criminals' comapny MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminal SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea. (KR) (2012.2.24) Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password. This is the 15th attack by the criminal 61.253.249.157 (www.michang.co.kr) in the criminal MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminal SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea since Feb 22 2012, Feb 19 2012, Feb 17 2012 (twice), 16 2012, Feb 15 2012, Feb 13 2012, Feb 12 2012, Feb 9 2012, Feb 8 2012 (twice), Feb 7 2012, Feb 6 2012 and Feb 2-6 2011. Add 61.248.0.0/13 to the permanent block list.
211.147.3.19/12+	211.147.3.19 in Beijing Sanxin Shidai Co. Ltd in CSTNET (中国科技网网络中心) in BEIJING TELETRON DATA CENTER (北京电信通电信工程有限公司) (CN) (2012.2.23) Malicious and huge ssh brute force attack (34 login attempts) focusing on the root password. Add 211.136.0.0/13, 211.144.0.0/12 and 211.160.0.0/13 to the permanent block list.
210.51.20.51/16+	210.51.20.51 in caishengcai-food-Ltd in CNC Group CncNet (中国联合网络通信有限公司) in CHINA UNICOM (中国联通) (CN) (2012.2.23) Malicious and huge ssh brute force attack (26 login attempts) focusing on the root password. Add 210.51.0.0/16 and 210.52.0.0/15 to the permanent block list.
61.155.9.239/10	The criminals' host 61.155.9.239 in the criminals' heaven network CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.2.22) Malicious and huge ssh brute force attack (27 login attempts) focusing on the root password only. This is the 2nd attack by the criminals' host 61.155.9.239 since Feb 2 2012. Add 61.128.0.0/10 to the permanent block list.
213.243.116.99/18	213.243.116.99 (host-99-116-243-213.rusmedia.ru) in VOSKHOD-NET in Rusmedia NCC (SYNTERRA Joint Stock Company, Voroncovskaya St., 35"B"/3, 109147 Moscow, Russia) (RU) (2012.2.22) Malicious and huge ssh brute force attack (140 login attempts) focusing on the root password. Add 213.243.64.0/18 to the permanent block list.
61.253.249.157/13	The criminal 61.253.249.157 (www.michang.co.kr) in the criminal MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminal SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea. (KR) (2012.2.22) Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password. This is the 14th attack by the criminal 61.253.249.157 (www.michang.co.kr) in the criminal MICHANG OIL IND.CO., LTD (미창석유공업주식회사) (201, Dongsam-dong, Yeongdo-gu Busan, KR) in the criminal SK Broadband Co Ltd (SK브로드밴드) (267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg. 100-711) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea since Feb 19 2012, Feb 17 2012 (twice), 16 2012, Feb 15 2012, Feb 13 2012, Feb 12 2012, Feb 9 2012, Feb 8 2012 (twice), Feb 7 2012, Feb 6 2012 and Feb 2-6 2011. Add 61.248.0.0/13 to the permanent block list.
210.212.103.251/16	210.212.103.251 in the criminals' heaven network Sobhasaria Engineering College in the criminals' heaven network Bharat Sanchar Nigam Limited (IN) (2012.2.22) Malicious and huge ssh brute force attack (1,351 login attempts). The contact e-mail address himan_74@rediffmail.com does not work because of '<himan_74@rediffmail.com>: host mx.rediffmail.rediff.akadns.net[202.137.234.30] said: 550 Requested action not taken: mailbox unavailable (in reply to RCPT TO command)' (2012.2.22) And the contact e-mail address abuse@bsnl.in does not work because of 'The user(s) account is disabled. <abuse@bsnl.in>' (2012.2.22) Add 210.212.0.0/16 to the permanent block list.
184.107.179.242/16	The criminal 184.107.179.242 (host.educaras.com) in the criminal host.educaras.com in the criminal Corporación Universitaria de la Costa - CUC (Street Calle 58 No. 55 - 66, Barranquilla, 08001000, CO) in the criminal iWeb Technologies Inc. (20, place du Commerce, Montreal, QC, H3E-1Z6, CA) in COLOMBIA / CANADA (CO/CA) (2012.2.22) Malicious and huge ssh brute force attack (42 login attempts) focusing on the root password only. This is the 13th attack by the criminal 184.107.179.242 (host.educaras.com) in the criminal host.educaras.com in the criminal Corporación Universitaria de la Costa - CUC in the criminal iWeb Technologies Inc. in COLOMBIA / CANADA (CO/CA) since Feb 14 2012, Feb 13 2012, Feb 12 2012, Feb 9 2012, Feb 8 2012, Feb 7 2012, Feb 5 2012, Feb 4 2012, Feb 3 2012, Feb 2 2012, Jan 30 2012 and Jan 24-29 2012. Add 184.107.0.0/16 to the permanent block list.
218.108.85.240/15+	The criminal 218.108.85.240 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.2.21) Malicious and huge ssh brute force attack (148 and more login attempts) focusing on the root password. This is the 9th attack by the criminal 218.108.85.240 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China. since Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 58.100.230.11 (Feb 4 2012), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Feb 21 2012, Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.243 (Feb 21 2012 and Jan 12 2012), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Feb 1 2012, Jan 12 2012, Jan 8 2012 (twice), Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.236.125 (Jan 29 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), and more and more criminals (before 2010) Add 58.99.128.0/17, 58.100.0.0/15, 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
111.67.210.19/20+	111.67.210.19 in KDISK (케이디스크) in wizsolution co.,Ltd (클루넷) (KR) (2012.2.21) Malicious and huge ssh brute force attack (1,440 login attempts) focusing on the root password. The contact e-mail address post@wizsolution.co.kr does not work because of '<post@wizsolution.co.kr>: Sorry, no mailbox here by that name. (#5.1.1)' (2012.2.21) And the contact e-mail address help@kdisk.co.kr does not work because of '<help@kdisk.co.kr>: host mail.kdisk.co.kr[110.45.187.231] said: 551 Relaying denied (in reply to RCPT TO command)' (2012.2.22) Add 111.67.208.0/20 and 111.67.224.0/19 to the permanent block list.
218.108.85.243/15+	The criminal 218.108.85.243 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.2.21) Malicious and huge ssh brute force attack (132 login attempts) focusing on the root password. This is the 2nd attack by the criminal 218.108.85.243 since Jan 12 2012. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 58.100.230.11 (Feb 4 2012), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.243 (Feb 21 2012 and Jan 12 2012), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Feb 1 2012, Jan 12 2012, Jan 8 2012 (twice), Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.236.125 (Jan 29 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), and more and more criminals (before 2010) Add 58.99.128.0/17, 58.100.0.0/15, 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
networks permanently rejected
69.162.64.0/18 208.115.192.0/18	Limestone Networks, Inc. (US)
59.88.0.0/13 59.96.0.0/14 117.192.0.0/10 210.212.0.0/16 218.248.0.0/16	BSNL (Bharat Sanchar Nigam Limited) Internet (IN)
64.15.128.0/19 67.205.64.0/18 70.38.0.0/17 72.55.128.0/17 174.142.0.0/16 184.107.0.0/16 209.172.32.0/19	iWeb Technologies Inc. (CA)
24.123.0.0/17 24.173.0.0/16 24.199.39.226/18 24.199.204.175/17 50.74.0.0/15 69.134.205.250/14 68.205.122.176/13 71.40.0.0/14 70.60.0.0/14 98.100.0.0/14	Road Runner (US)
64.169.45.66/12 64.171.127.90/12 65.67.13.26/13 66.121.145.195/13 66.139.79.199/13 68.75.86.8/13 69.208.29.243/12 69.215.39.177/12 69.228.253.114/12	SBC Internet Services (US)
64.0.0.0/14 65.104.0.0/14 67.88.0.0/13 67.152.0.0/14 207.101.0.0/16 216.112.0.0/16	XO Communications (US)
82.165.29.132/16 82.165.182.20/16 212.227.21.108/16 212.227.49.34/16 217.160.131.147/16 217.160.185.217/16	Schlund + Partner AG (DE/US)
95.154.236.0/23 95.154.240.0/23 95.154.242.0/24 95.154.248.0/22	iDeal Hosting (TR) in RapidSwitch Ltd (GB)
58.136.0.0/15 203.146.0.0/16 210.1.0.0/18	CS LOXINFO PUBLIC COMPANY LIMITED
61.7.128.0/17 202.129.0.0/18	CAT Telecom (TH)
41.78.76.0/22	Powertel Communications (Zimbabwe) (ZW)
46.228.192.0/20	myLoc Colocation in fibre one networks GmbH (DE)
58.64.0.0/17	Advance Datanetwork Communications Co.,Ltd. (TH)
58.68.0.0/17	Dishnet Wireless Limited (IN)
59.106.49.96/27	日本空間情報技術株式会社 (JP)
59.148.0.0/15	City Telecom (H.K.) Ltd. (HK)
61.59.0.0/16	Seednet / Digital United Inc. (TW)
61.90.0.0/15	True Corporation (TH)
61.199.200.80/29	Vector International (ベクターインターナショナル株式会社) (JP)
62.26.219.0/24	JSis Network Solutions (DE)
62.39.117.136/29	OLYMPIQUE DE MARSEILLE (FR)
62.63.64.0/18	ArtX (RU)
62.72.110.116/19	Respons Advertising BVBA in COLT-BE (BE)
62.75.128.0/17	plusserver (intergenia AG)
62.81.241.208/29	Colegio Oficial de ingenieros Tecnicos Industriales in Ono.com (ES)
62.84.144.130/27	Martin Dohnal (CZ)
62.112.132.50/19	Tardeinfo GmbH in Netdiscounter GmbH (DE)
63.81.36.0/22	Top Speed Internet Service, LLC (US)
64.80.197.80/28	Anycolor Inc. in PaeTec Communications, Inc. (US)
64.115.0.0/16	Broadview Networks, Inc. (US)
64.237.96.0/20	ThruPort Technologies, Inc. (US)
65.19.234.0/23	Interbel Telephone (US)
65.75.128.0/18	Managed Solutions Group, Inc. (US)
65.116.31.0/24	LAREDO COMMUNITY COLLEGE (US)
66.11.112.0/20	Suavemente, Inc. (US)
66.50.0.0/16	Puerto Rico Telephone Company (PR)
66.133.64.0/19	Giant, Inc. (US)
66.152.160.0/19	MULTACOM CORPORATION (US)
66.230.192.0/19 66.230.231.73/20	Neucom, Inc. (US)
67.18.216.226/15	ThePlanet.com Internet Services, Inc. (US)
67.202.0.0/18	Amazon.com, Inc. (US)
69.20.54.51/17	Rackspace.com, Ltd. (US)
70.88.0.0/14	Comcast Business Communications, Inc. (US)
74.52.0.0/15 74.54.0.0/16	ThePlanet.com Internet Services, Inc. (US)
75.127.64.0/18	Amazonas Filmes in Global Net Access, LLC (US)
75.144.0.0/13	Comcast Business Communications, Inc. (US)
76.197.19.48/28	PRAKASH BALEBAI-070221231148 (US)
77.91.192.0/21	Vermont-IT (RU)
77.233.192.0/19	ROSS Limited Company in IZMAYROVO.RU (RU)
78.110.160.0/20	UK Dedicated Servers Limited, VAServe LTD (GB)
79.170.192.0/22	Intrahost Limited (GB)
80.71.240.0/20	vnicsmv.ru in Rial Com JSC (RU)
80.74.128.0/19	METANET AG, Switzerland (CH)
80.90.112.0/20	SmartLogic Ltd. (RU)
80.91.160.0/19	Nibulon Nikolaev in DATAGROUPDATAGROUP (UA)
80.96.134.0/23	SC Minisat srl (RO)
80.191.0.0/16	Data Communications of Iran (IR)
80.200.0.0/15	Skynet (BE)
80.233.128.0/17	Telia Latvija (LV)
80.243.176.0/20	IDealHosting in Dedicated Server Contact in Redstation Limited
81.52.240.0/20	WebSatMedia Pte Ltd in France Telecom (SG)
81.209.149.64/26	Mathias Goldhan in Keyweb AG (DE)
82.4.0.0/14	NTL Internet / A PART OF Virgin Media (GB)
82.76.0.0/14	Romania Data Systems (RO)
82.98.0.0/20	Ozone Paris (FR)
82.135.156.41/23	UAB "Elektronine prekyba ir Ko" (LT)
82.193.128.0/19	Ural Regional Bank Net "UralWES" (RU)
83.0.0.0/11	Polish Telcom TPNET (PL)
83.246.112.0/20	SERVERPOOL (DE)
84.128.0.0/10	Deutsche Telekom AG (DE)
84.235.0.0/17	Saudi Telecom Co. (SA)
84.246.144.0/22	Legatel Telecom Srl (IT)
85.38.0.0/16 88.48.0.0/15 (part of 88.32.0.0/11)	Telecom Italia (IT)
85.112.96.0/20	Centaur Telecom (RU)
86.34.0.0/16	Romtelecom Data Network (RO)
86.51.0.0/16	Bayanat Al-Oula in Mobily (SA)
87.247.64.0/19	Mikrovisatos TV (LT)
88.86.64.0/19	Quantum Communications (RU)
88.132.128.0/17	SadeceHosting (TR)
88.160.0.0/11	Dedibox / ProXad network / Free SAS (FR)
89.21.128.0/22	TZ-Telecom (includes Ermakov Aleksey)
89.216.0.0/16	Serbia Broadband (RS)
90.189.128.0/17	Sibirtelecom (RU)
Powernet Ltd (BG)	91.148.128.0/18
91.151.240.0/20	Novotelecom ltd. (RU)
92.55.64.0/18	Robi Cable TV in Neotel (MK)
93.95.64.0/21	ITV NET Network (MK)
93.100.0.0/16	SkyNet Network (RU)
93.180.88.0/21	Point To Point Ltd. in Bulgarian Internet Company Ltd. (BG)
94.126.16.0/21	METANET AG, Switzerland (CH)
94.243.0.0/18	MULTISERVICENETWORK (RU)
95.168.192.0/19	SuperHosting.cz (CZ)
98.142.208.0/20	WireSix (US)
109.207.0.0/20 109.225.0.0/18	JSC Rostelecom (RU)
110.74.128.0/18	AIMS Data Centre, Malaysia (MY)
112.133.192.0/18	RailTel Corporation (IN)
112.137.160.0/20	TM NET SDN BHD (MY)
112.215.0.0/16	PT Excelcomindo Pratama
116.66.160.0/20	Illuminate Internet Services Pty Ltd = Hostcentral (AU)
116.66.200.0/21	PT Cyber Network Indonesia (ID)
116.214.24.0/21	TULIP Telecom ltd. (IN)
118.97.82.0/24	PT. TELKOM INDONESIA (ID)
118.98.128.0/17	Departemen Pendidikan Nasional Tim Data Center Jardiknas (ID)
118.100.0.0/15	TELEKOM MALAYSIA BERHAD (MY)
122.152.128.0/18	Asia Netcom Corporation (JP)
122.183.128.0/17	Bharti Telenet Ltd. Tamilnadu
122.160.234.0/23	ABTS DELHI (IN)
122.252.224.0/19	RailTel Corporation of India Ltd. (IN)
123.30.0.0/15	VietNam Data Communication Company (VDC)
124.7.0.0/16	Sify Limited (IN)
124.30.0.0/16	Sify Limited (IN)
124.195.0.0/17	INDOSAT (ID)
124.247.192.0/18	TULIP Telecom (IN)
125.215.128.0/17	PCCW Business Netvigator (HK)
128.177.224.0/21	Fision - Digital Fiber Entertainment in AboveNet (US)
128.243.0.0/16	The University of Nottingham (GB)
131.236.0.0/16	University College, Australian Defense Force Academy (AU)
139.223.0.0/16	TISNET: TATUNG (TW)
147.83.5.57/16 147.83.50.71/16	Universitat Politecnica de Catalunya (ES)
149.156.0.0/16	Academic Computer Centre CYFRONET (PL)
161.139.0.0/16	Universiti Teknologi Malaysia (MY)
182.0.0.0/12	PT Telekomunikasi Selular Indonesia (ID)
188.95.152.0/24	Tavria Host Network (Gennady Mihajlov, Shorsa str., 2, Nikopol) (UA)
193.24.212.0/20	cdedie in V-COM Network Ips (FR)
193.34.120.0/22	SDV Server Services (DE)
193.87.160.64/28	Joint Vocational Secondary School (Zdruzena stredna skola, Bratislava, SK) in sanet. (SK)
193.107.16.0/22	Ideal Solution Ltd (SC)
193.111.156.0/22	Interphone Ltd. (UA)
193.231.39.0/24	University of Craiova (RO)
193.254.2.0/24	Polytechnic University of Tirana Albania (AL)
194.88.96.0/19	Online Internet nv/sa (BE)
194.103.218.0/23	Arjeplog Kommun (SE)
194.204.212.0/24	Ministere des Peches Maritimes (MA)
195.20.206.0/23	GleSYS - Serverhotell (SE)
195.47.227.0/24	Totolotek S.A. (PL)
195.93.144.0/23	Limited company Elektrosvyaz (RU)
195.140.140.0/22	CTN1 (FR)
195.140.176.0/22	PEACE-NET in HansaWorld International (Internet Invest Ltd) (UA)
195.224.0.0/16	Pipex Communications (GB)
196.0.0.0/8	AfriNIC
202.28.0.0/15	UniNet (Inter-university network) (TH)
202.46.0.0/20	IPTEKNET, Indonesian Science and Technology Network (ID)
202.46.24.0/21	Widya Mandala Catholic University Surabaya (ID)
202.55.180.162/20	SKYCC, VoIP and ISP, Ulaanbaatar, Mongolia (MN)
202.57.128.0/18 202.142.221.246/19	Internet Service Provider Co., Ltd. (TH)
202.60.64.0/19	DedicatedServers (AU)
202.60.240.2/19	Cyber Express Communication Ltd. (HK)
202.63.160.0/19	Exatt Technologies Pvt. Ltd. (IN)
202.64.0.0/16	Pacific Internet (Hong Kong) Ltd (HK)
202.65.128.0/19	Pioneer Online Pvt. Ltd. (IN)
202.66.0.0/16	CPCNet Hong Kong Ltd. (HK)
202.70.192.0/20	India Online Network Ltd (IN)
202.67.155.250/17	HKNet Company Limited (HK)
202.88.128.0/18	Hathway IP Over Cable Internet Access Service (IN)
202.123.64.0/19	Henderson Data Centre Limited (HK)
202.142.64.0/18	Zee Telefilms Ltd (IN)
202.144.0.0/17	Sify Limited (IN)
202.152.160.0/23 202.152.162.0/24 202.155.32.0/19	Indosat (ID)
202.155.196.100/18 202.155.230.231/18	Wharf T&T Limited (HK)
202.175.192.0/18	Eastern Telecoms Philippines, Inc. (PH)
202.181.128.0/19	Hongkong Commercial Internet Exchange (HK)
202.222.28.84/32	www.utsunomiya-fudousan.com in SAKURA Internet 宇都宮不動産のれん会 (JP)
203.34.37.0/24	YOKOZUNANET (MN)
203.64.0.0/13 203.72.0.0/14	Global Communication Network Corp., CHTD (TW)
203.81.32.0/19	Pacific Internet Limited (SG)
203.110.208.0/20	India Online Network Ltd. (IN)
203.113.128.0/18	Vietel Corporation (VN)
203.115.96.0/19	IITM in Primenet Global Ltd. (IN)
203.116.0.0/15 203.118.0.0/18	StarHub (SG)
203.133.27.117/17	Hoshin Gigamedia Center Inc. (TW)
203.141.141.192/29	Business Flow Technologies Inc. (株式会社ビジネスフローテクノロジーズ) in Interlink co., ltd (JP)
203.144.128.0/17	True Internet (TH)
KSC Commercial Internet	KSC Commercial Internet (TH)
203.157.0.0/16	Ministry of Public Health, Thailand (TH)
203.167.96.0/19	Eastern Telecoms Phils., Inc. (PH)
203.171.16.0/20	New Generations Telecommunication Corporation (VN)
203.172.192.0/18	Ministry of Education Network Operation Center (TH)
203.185.0.0/18	CITY TELECOM (HK) LTD
203.193.0.0/18	Verizon Hong Kong Limited (HK)
203.198.0.0/16	PCCW, NETVIGATOR (HK)
206.124.0.0/19	foreThought.net (US)
207.44.128.0/17	Anita Limanto in OESM Group in The Planet (Everyones Internet) (US)
207.80.142.5/16	Univ. of Texas System Office of Telecom. Services (US)
207.192.64.0/18	Linode.com in Net Access Corporation (US)
207.210.0.0/18	Source Cable Ltd. (CA)
207.253.73.0/24	Cooperative de cablodistribution de l'arriere-pays (CA)
208.50.192.0/18 208.51.0.0/16	Global Crossing (GBLX) (US)
208.109.0.0/16	GoDaddy.com, Inc. (US)
209.8.0.0/15	MarketUS in Beyond The Network America, Inc. - PCCW Global (US)
209.200.0.0/18	Webair Internet Development Company Inc. (US)
210.6.0.0/16	City Telecom (H.K.) Ltd. (HK)
210.17.0.0/17	Taiwan Telecommunication Network Services Co.,LTD. (TW)
210.18.57.3/17	Sify Limted (IN)
210.48.144.0/20	TM NET (MY)
210.67.0.0/18	Sysware Corporation, Systex Corporation (TW)
210.68.0.0/16	firefoxlanka.com in Digital United Inc. / SEEDNET (TW)
210.70.160.0/20	CHANG JUNG UNIVERSITY (TW)
210.81.0.0/19	WorldCom Japan Ltd. (JP)
210.87.240.0/20	PCCW (Pacific Century Cyberworks) Business Internet Access (HK)
210.188.206.76/32	creators union 株式会社クリエイターズユニオン (JP)
210.200.0.0/15	Asia Pacific On-line Services Inc. (APOL) (TW)
210.209.13.0/24	TWNAP (TW)
210.210.0.0/17	Sify Technologies Limited (IN)
210.228.173.144/24 210.228.174.0/23 210.228.176.0/24	Momotarou Internet Club (NIHONKOUSHIN Co.) (JP)
210.243.128.0/17 210.244.0.0/17	DIGITAL UNITED INC (TW)
210.245.0.0/17	FPT Telecom (VN)
211.24.0.0/15	TIME Telecommunications Sdn Bhd (MY)
211.78.80.0/20	DWINS Digital Service Corp. (TW)
212.12.224.0/19	Wayout Internet Solutions (EG)
212.72.192.0/19	NET IS SAT ltd. (BG)
212.74.96.0/19	Tiscali UK Limited (GB)
212.122.160.0/19	Bulgarian Government Network (BG)
212.138.82.0/26	Al Jouf University (SA)
213.16.56.0/24	SKAT TV Ltd. (BG)
213.19.163.0/24	THAIINTERNATIONAL-NL (TH)
213.112.0.0/14	Bredbandsbolaget Routing Registry (SE)
213.129.96.0/19	South-East Transtelecom Joint Stock Co (RU)
213.136.96.0/19	AFNET in AFRINIC (CI)
213.176.96.0/24	Malek Ashtar University (IR)
213.195.64.0/19	Ibercom (ES)
213.223.64.10/29	HUMBERT FRANCK, VAINCRE_LA_MUCO (FR)
213.228.128.0/18	Soabor - Comercio de Prendas Lda in Cabovisao - Televisao por Cabo, S.A (PT)
216.133.224.0/19	Roth Williams International Societies of Orthodontists in Vitalstream Holdings, Inc. (US)
216.144.224.0/20	Secured Private Network (US)
216.176.176.0/20	Wowrack.com (US)
216.177.128.0/20	Alentus Corporation (US)
216.219.128.0/17	Affinity Internet, Inc (US)
217.20.118.111/24	netdirekt e. K. (DE)
217.20.160.0/20	WNET (UA)
217.71.128.0/20	Novosibirsk State Technical University (RU)
217.112.112.0/20	Esprit telecom B.V. (NL)
218.102.0.0/15	GOA INTERNATIONAL LIMITED in NETVIGATOR (HK)
218.210.0.0/15	New Century InfoComm Tech. Co., Ltd. (TW)
218.214.0.0/15	Swiftel Communications (AU)
219.84.0.0/14	Taiwan Fixed Network CO.,LTD. (TW)
219.117.253.88/29	clja.net (Hirohisa Maruyama) in Interlink co., ltd (JP)
220.224.0.0/14	Reliance Communications Ltd (IN)
220.228.0.0/15	New Centry InfoComm Tech. Co., Ltd. (TW)
220.241.0.0/16	PCCW: Pacific Century Cyberworks (HK)
220.246.0.0/16	PCCW: Pacific Century Cyberworks (HK)
221.120.192.0/18	Pakistan Telecommunication Company Limited (PK)
222.124.0.0/16	PT. Telekomunikasi Indonesia Tbk (ID)
222.156.0.0/15	Asia Pacific On-line Services Inc. (TW)
222.252.0.0/14	Vietnam Posts and Telecommunications (VN)
24.232.0.0/16 132.247.0.0/16 132.248.0.0/16 148.201.0.0/16 148.202.0.0/15 148.204.0.0/14 148.208.0.0/12 148.224.0.0/12 148.240.0.0/13 148.248.0.0/15 148.250.0.0/16 150.185.0.0/16 150.186.0.0/15 150.188.0.0/15 157.100.0.0/16 164.77.0.0/16 168.243.0.0/16 177.0.0.0/8 186.0.0.0/7 189.0.0.0/8 190.0.0.0/8 200.0.0.0/7 216.152.160.0/20 216.230.128.0/19 216.241.0.0/19	LACNIC
113.252.0.0/14 118.140.0.0/14 203.184.128.0/17 210.0.128.0/17 218.188.0.0/14 221.127.43.88/14	The criminals' network - Hutchison Global Communications (HK)
14.208.0.0/12 27.115.0.0/17 58.14.0.0/15 58.16.0.0/13 58.24.0.0/15 58.30.0.0/15 58.32.0.0/11 58.68.128.0/17 58.82.0.0/15 58.99.128.0/17 58.100.0.0/15 58.120.0.0/13 58.144.0.0/16 58.192.0.0/11 58.240.0.0/12 59.32.0.0/11 59.64.0.0/12 59.80.0.0/14 59.107.0.0/16 59.108.0.0/14 59.148.0.0/15 59.151.0.0/17 59.172.0.0/14 60.0.0.0/11 60.160.0.0/11 60.194.0.0/15 60.200.0.0/13 60.208.0.0/12 61.4.176.0/20 61.28.0.0/17 61.29.128.0/17 61.48.0.0/13 61.128.0.0/10 61.232.0.0/14 61.236.0.0/15 61.238.0.0/15 (HK) 61.240.0.0/14 61.244.0.0/16 (HK) 61.248.0.0/13 89.202.108.0/25 (HK) 110.176.0.0/12 110.192.0.0/11 110.240.0.0/12 111.0.0.0/10 111.72.0.0/13 111.92.224.0/20 (HK) 112.0.0.0/10 112.64.0.0/14 112.80.0.0/12 112.96.0.0/13 112.224.0.0/11 113.0.0.0/13 113.8.0.0/15 113.11.192.0/19 113.54.0.0/15 113.56.0.0/15 113.58.0.0/16 113.59.0.0/17 113.62.0.0/15 113.64.0.0/10 113.128.0.0/15 113.218.0.0/15 113.220.0.0/14 113.224.0.0/11 114.80.0.0/12 114.96.0.0/13 114.104.0.0/14 114.112.0.0/13 114.208.0.0/12 114.224.0.0/11 115.190.0.0/15 115.192.0.0/11 115.224.0.0/12 116.1.0.0/16 116.2.0.0/15 116.4.0.0/14 116.8.0.0/14 116.16.0.0/12 116.52.0.00/14 116.56.0.00/15 116.112.0.0/13 116.213.64.0/18 116.213.128.0/17 116.224.0.0/12 116.242.0.0/15 116.244.0.0/14 116.248.0.0/15 116.252.0.0/15 116.254.128.0/17 116.255.128.0/17 117.21.0.0/16 117.22.0.0/15 117.24.0.0/13 117.32.0.0/13 117.40.0.0/14 117.44.0.0/15 117.74.128.0/17 117.75.0.0/16 117.76.0.0/14 117.80.0.0/12 117.128.0.0/10 118.24.0.0/13 118.102.16.0/20 118.112.0.0/13 118.120.0.0/14 118.124.0.0/15 118.126.0.0/16 118.144.0.0/14 118.180.0.0/14 118.184.0.0/13 118.192.0.0/12 118.212.0.0/15 118.224.0.0/14 118.228.0.0/15 118.230.0.0/16 119.2.128.0/17 119.3.0.0/16 119.4.0.0/14 119.8.0.0/15 119.10.0.0/17 119.32.0.0/13 119.40.0.0/15 119.42.0.0/19 119.78.0.0/15 119.80.0.0/15 119.112.0.0/12 119.128.0.0/12 119.144.0.0/14 119.161.128.0/17 119.162.0.0/15 119.164.0.0/14 119.176.0.0/12 119.252.240.0/20 119.253.0.0/16 119.254.0.0/15 120.0.0.0/12 120.24.0.0/14 120.30.0.0/15 120.32.0.0/12 120.48.0.0/15 120.64.0.0/13 120.192.0.0/10 121.8.0.0/13 121.16.0.0/12 121.32.0.0/13 121.40.0.0/14 121.52.208.0/20 121.52.224.0/19 121.204.0.0/14 122.4.0.0/14 122.8.0.0/13 122.64.0.0/11 122.96.0.0/15 122.102.0.0/20 122.102.64.0/19 122.112.0.0/14 122.136.0.0/13 122.156.0.0/14 122.188.0.0/14 122.192.0.0/14 122.200.64.0/18 122.224.0.0/12 122.240.0.0/13 123.4.0.0/14 123.8.0.0/13 123.112.0.0/12 123.128.0.0/13 123.137.0.0/16 123.138.0.0/15 123.144.0.0/12 123.160.0.0/12 123.177.0.0/16 123.178.0.0/15 123.180.0.0/14 123.184.0.0/13 123.196.0.0/15 123.232.0.0/14 124.14.0.0/15 124.16.0.0/15 124.31.0.0/16 124.42.0.0/16 124.88.0.0/13 124.112.0.0/13 124.126.0.0/15 124.128.0.0/13 124.160.0.0/13 124.192.0.0/15 124.200.0.0/13 124.220.0.0/14 124.224.0.0/12 124.240.0.0/17 124.254.0.0/18 125.31.192.0/18 125.32.0.0/12 125.61.128.0/17 125.62.0.0/15 125.64.0.0/11 125.96.0.0/15 125.98.0.0/16 125.208.0.0/18 125.210.0.0/15 125.216.0.0/13 159.226.0.0/16 163.125.0.0/16 166.111.0.0/16 180.152.0.0/13 180.160.0.0/12 180.184.0.0/14 180.188.0.0/17 182.18.0.0/17 182.49.0.0/16 182.50.0.0/20 182.236.128.0/17 183.0.0.0/10 183.64.0.0/13 202.8.128.0/19 202.10.64.0/20 202.67.128.0/17 (HK) 202.68.0.0/18 (HK) 202.75.208.0/20 202.90.0.0/15 202.92.0.0/14 202.96.0.0/12 202.112.0.0/13 202.120.0.0/15 202.127.24.198/20 202.136.48.0/20 202.152.176.0/20 202.165.176.0/20 202.192.0.0/12 203.86.0.0/18 203.86.64.0/19 203.88.192.0/19 203.90.128.0/18 203.90.192.0/19 203.91.120.0/21 203.148.0.0/18 203.171.224.0/20 203.175.128.0/17 210.14.64.0/19 210.17.128.0/17 (HK) 210.21.0.0/16 210.22.0.0/16 210.25.0.0/16 210.26.0.0/15 210.28.0.0/14 210.32.0.0/12 210.51.0.0/16 210.52.0.0/15 210.72.0.0/14 210.76.0.0/15 210.78.0.0/16 210.82.0.0/15 210.87.128.0/18 210.192.96.0/19 211.64.0.0/13 211.80.0.0/12 211.96.0.0/13 211.136.0.0/13 211.144.0.0/12 211.160.0.0/13 218.0.0.0/11 218.56.0.0/13 218.64.0.0/11 218.96.0.0/14 218.104.0.0/14 218.108.0.0/15 218.192.0.0/12 218.240.0.0/13 218.249.0.0/16 219.90.112.0/20 (HK) 219.128.0.0/11 219.216.0.0/13 219.224.0.0/12 219.242.0.0/15 219.244.0.0/14 220.112.0.0/14 220.160.0.0/11 220.192.0.0/12 220.231.0.0/16 220.248.0.0/14 220.252.0.0/16 221.0.0.0/12 221.122.0.0/15 221.129.0.0/16 221.130.0.0/15 221.172.0.0/14 221.176.0.0/13 221.192.0.0/11 221.224.0.0/12 222.16.0.0/12 222.32.0.0/11 222.64.0.0/11 222.126.128.0/17 222.128.0.0/12 222.160.0.0/14 222.168.0.0/13 222.176.0.0/12 222.192.0.0/11 222.240.0.0/13 222.248.0.0/15 223.0.0.0/12	People's Republic of China (CN) : the world no.1 lawless nation in the internet. many crackers live in these networks and serves phishing pages. for example, this is Fifth Third Bank phising page served by ANHUI TELECOM (2007.2.11) : http://218.22.100.110/cbdir/ (screenshot)
59.160.0.0/14 59.164.0,0/15 61.11.0.0/17 61.16.128.0/17 61.17.0.0/16 115.108.0.0/14 115.112.0.0/13 121.240.0.0/13 202.9.128.0/18 202.54.102.183/16 203.197.0.0/16 203.199.0.0/16 203.200.0.0/16 210.211.128.0/17	THE CRIMINALS' NETWORK - VSNL Videsh Sanchar Nigam Ltd (IN)
1.208.0.0/12 1.224.0.0/11 14.32.0.0/11 14.64.0.0/11 14.206.0.0/16 58.72.0.0/13 58.120.0.0/13 58.140.0.0/14 58.148.0.0/14 58.180.0.0/16 58.181.0.0/18 58.184.0.0/16 58.224.0.0/12 59.0.0.0/11 59.150.0.0/16 59.152.128.0/18 61.32.0.0/13 61.40.0.0/14 61.72.0.0/13 61.80.0.0/14 61.84.0.0/15 61.96.0.0/12 61.248.0.0/13 66.232.136.0/21 66.232.144.0/22 110.8.0.0/13 110.44.192.0/18 110.45.0.0/16 110.46.0.0/15 111.67.208.0/20 111.67.224.0/19 112.144.0.0/12 112.160.0.0/11 112.216.0.0/13 113.130.64.0/19 114.108.0.0/17 114.108.128.0/18 114.141.0.0/19 114.199.128.0/17 114.200.0.0/13 115.40.0.0/15 115.68.0.0/16 115.88.0.0/13 115.136.0.0/13 115.144.0.0/15 115.165.176.0/21 115.178.64.0/19 116.32.0.0/12 116.120.0.0/13 117.16.0.0/15 117.110.0.0/15 118.32.0.0/11 118.127.192.0/18 118.128.0.0/14 118.216.0.0/13 119.64.0.0/13 119.192.0.0/11 121.64.0.0/14 121.78.0.0/16 121.88.0.0/16 121.100.64.0/18 121.124.0.0/15 121.126.0.0/16 121.128.0.0/10 121.254.128.0/17 122.128.32.0/19 123.111.0.0/16 123.140.0.0/14 123.212.0.0/14 124.0.0.0/15 124.2.0.0/16 124.5.0.0/16 125.7.128.0/17 124.111.0.0/16 124.136.0.0/14 124.194.0.0/16 125.128.0.0/11 125.240.0.0/13 125.248.0.0/14 125.252.0.0/18 141.223.0.0/16 143.248.0.0/16 150.183.0.0/16 155.230.0.0/16 168.126.0.0/16 175.112.0.0/12 175.158.0.0/19 180.150.192.0/19 180.150.224.0/21 182.252.128.0/17 202.30.0.0/15 203.224.0.0/11 210.57.224.0/19 210.90.0.0/15 210.92.0.0/14 210.96.0.0/11 210.178.0.0/15 210.180.0.0/14 210.216.0.0/13 211.32.0.0/11 211.104.0.0/13 211.112.0.0/13 211.168.0.0/13 211.176.0.0/12 211.192.0.0/10 218.36.0.0/14 218.48.0.0/13 218.144.0.0/12 218.232.0.0/13 219.240.0.0/15 219.248.0.0/13 220.64.0.0/11 220.116.0.0/14 220.120.0.0/13 221.138.0.0/15 221.140.0.0/14 221.144.0.0/12 221.160.0.0/13 221.168.0.0/16 222.96.0.0/12 222.112.0.0/13 222.120.0.0/15 222.122.0.0/16 222.232.0.0/13	KOREA: many crackers live in these networks and serves phishing pages. for example, this is PayPal phising page served by SKNETWORKS-METRO-JEYUN-KR (2005.10.29) : http://211.63.1.132/source/img/banner/.cgi-bin/.webscr/paypal/ (screenshot) and for example, this is eBay phising page served by JANGRIMWORLD in Hanaro Telecom Co. (2006.10.27) : http://211.210.60.2/ebay/login1992/ (screenshot)
31.169.64.0/19 46.45.128.0/18 77.245.144.0/20 78.160.0.0/11 82.151.128.0/19 84.51.0.0/18 85.95.224.0/19 89.106.0.0/19 89.107.224.0/21 91.93.0.0/16 93.186.112.0/20 95.154.236.0/23 95.154.240.0/23 95.154.242.0/24 95.154.248.0/22 95.183.128.0/17 178.211.32.0/19 188.132.128.0/17 195.174.0.0/15 212.58.0.0/19 212.156.0.0/16 213.128.64.0/19	TRKEY many crackers live in these networks.
62.141.64.0/18 77.91.182.0/21 77.233.192.0/19 77.235.192.0/19 77.239.192.0/18 79.137.128.0/17 80.90.112.0/20 80.93.48.0/20 82.147.64.0/18 83.149.0.0/18 84.42.0.0/17 84.52.64.0/18 86.62.64.0/18 89.21.128.0/22 90.189.128.0/17 91.151.240.0/20 91.197.188.0/22 91.197.192.0/21 91.211.44.0/22 91.211.52.0/22 91.211.56.0/21 91.211.64.0/22 94.127.64.0/21 94.228.192.0/20 95.141.176.0/20 95.141.192.0/20 95.174.88.0/21 95.174.96.0/19 95.181.0.0/16 95.182.0.0/17 109.200.96.0/19 188.124.32.0/19 188.127.224.0/19 188.128.0.0/17 194.186.0.0/16 195.19.0.0/16 195.218.128.0/17 212.24.32.0/19 213.170.64.0/18 213.247.64.0/18 213.247.128.0/17 213.248.0.0/18 217.65.0.0/20	Russian Federation many criminals live in these networks.
123.200.128.0/17 202.10.80.0/20 203.34.252.0/22 203.35.0.0/16 203.36.0.0/14 203.40.0.0/13 203.48.0.0/14 203.52.0.0/15 203.54.0.0/16 203.55.0.0/23	Austraria many criminals live in these networks.
Dear infected hosts: Welcome to TATSUKICHI Network. We apologize to you for falling short of your expectations. We are WINDOWSOUTSIDE* netowrk and there are no hosts that swallow your dirty packets. PLEASE PLEASE DO NOT POLLUTE THE INTERNET.

本ページは w3m でもそこそこ表示できるように最適化されています [福]