t a t s u k i c h i

since 2001.4.29
[50879]

年中無休不定休 00:00-24:00

お飲みもの	日本酒を各種取り揃えております
コース料理	MacOS X, unix 等の美しく確かな技をご堪能下さい
季節料理	PIC, H8 等のご紹介
おつまみ	毒のあるつまみのようです
たつきちのご紹介	駐車場はございませんので散歩がてらご来店下さい
ご予約・お問い合わせは　info3@tatsukichi.gr.jp　まで（このメールアドレスへの特定電子メールの送信を拒否します）

たつきち小路でひとときのお安らぎを

はむすたあのあにさん	たつきちのおっしょさんですひさしぶりに元気なおっしょさんに出会えました ^^;
浅草散歩	たつきち小路から近くて遠い浅草の町
呑み喰い処	たつきちが好きならこの店も好き？
本屋	様々な本のご紹介
ぽっぽっぽ〜	とらすで〜すみぃで〜すふたりあわせてとらすとみぃどぇ〜す

大通りのお店

YAHOO! JAPAN
google 検索	全体から日本語のみ

たつきちからのお知らせ

［インシデント・レスポンスについて］
　弱小なたつきちネットワークでも最近多くのインシデントがありますので「たつきちネットワークにおけるインシデントの扱いについて」を作成しました。
［ウィルスからの攻撃について］
　ウィルスに感染したマイクロソフト・ウィンドウズからの攻撃は目に余るものがあります。ブラスターワームが猛威を振るった 2003 年 12 月には一日あたり約 18,251 回， 2004 年 7 月でも一日あたり約 4,229 回の攻撃があり，そのほとんどがウィルス感染したウィンドウズからと思われます。
　2005 年 8 月の ZOTOB/IRCBot ワームでも１日あたり 5,000 回程度の攻撃を受けています。
　エンドユーザやサーバ管理者の方は手を抜かず，周りに迷惑をかけない運用管理を徹底していただきたいものです（この部分はウィンドウズには限りませんが）。

SORBS users who identify recklessly the dynamically assigned IP addresses as spammers, we treat your network as criminals' heaven, nothing more, nothing less. Because we can't inform you about the criminals' behaviour in your network, and you can't stop your network to bother the Internet.

/ 2011.11 / 2011.10 / 2011.9 / 2011.8 / 2011.7 / 2011.6 / 2011.5 / 2011.4 / 2011.3 / 2011.2 / 2011.1 / 2010.12 / 2010.11 / 2010.10 / 2010.9 / 2010.8 / 2010.7 / 2010.6 / 2010.5 / 2010.4 / 2010.3 / 2010.2 / 2010.1 / 2009.12 / 2009.11 / 2009.10 / 2009.9 / 2009.8 / 2009.7 / 2009.6 / 2009.5 / 2009.4 / 2009.3 / 2009.2 / 2009.1 / 2008.12 / 2008.11 / 2008.10 / 2008.9 / 2008.8 / 2008.7 / 2008.6 / 2008.5 / 2008.4 / 2008.3 / 2008.2 / 2008.1

ip address	reason
CRACKERS' HEAVEN HOST/NETWORK - rejected networks (listed last 3 months)
216.230.144.226/19	216.230.144.226 (226.144.230.216.static.intelnet.net.gt) in Claro / Telgua (GT) (2012.1.29) Malicious and huge ssh brute force attack (186 and more login attempts) focusing on the root password only. Add 216.230.128.0/19 to the permanent block list.
182.236.164.11/17	182.236.164.11 in Zhengzhou Yifang Technology Trade Co., Ltd. in China Unicom Henan province network (中国联通河南省分公司) in CHINA UNICOM (中国联通) (CN) (2012.1.29) Malicious and huge ssh brute force attack (456 login attempts) focusing on the root password. Add 182.236.128.0/17 to the permanent block list.
218.108.236.125/15+	The criminal 218.108.236.125 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.1.29) Malicious and huge ssh brute force attack (38 login attempts) focusing on the root password. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.241 (Jan 12 2012), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Jan 12 2012, Jan 8 2012 (twice), Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.236.125 (Jan 29 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
222.221.2.210/11+	The criminal 222.221.2.210 in the criminal CHINANET yunnan province network in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2012.1.29) Malicious and huge ssh brute force attack (18 login attempts). This is the 18th attack by the criminal 222.221.2.210 since Jan 23 2012, Nov 3 2011, Oct 4 2011, Mar 28 2011, Dec 24 2010, Nov 11 2010, Sep 24 2010, Sep 12 2010, Jun 29 2010, Feb 9 2010, Dec 16 2009, Jun 1 2009, Apr 30 2009, Feb 26 2009 and Nov 22 2008. Add 222.168.0.0/13, 222.176.0.0/12 and 222.192.0.0/11 to the permanent block list.
115.68.55.224/16	115.68.55.224 in SMILESERV (KR) (2012.1.28) Malicious and huge ssh brute force attack (48 login attempts) focusing on the root passowrd. Add 115.68.0.0/16 to the permanent block list.
212.156.126.210/16	212.156.126.210 (212.156.126.210.static.turktelekom.com.tr) in Değer Yayınları in Turk Telekom TTnet (TR) (2012.1.27) Malicious and huge ssh brute force attack (65 login attempts) focusing on the root passowrd. Add 212.156.0.0/16 to the permanent block list.
195.19.46.170/16	195.19.46.170 (h170.net46.bmstu.ru) in Bauman Moswcow State Technical University (BMSTU) (RU) (2012.1.27) Malicious and huge ssh brute force attack (414 login attempts). Add 195.19.0.0/16 to the permanent block list.
221.239.81.4/12+	221.239.81.4 in TIANJIN-LANGXINXINXI-LTD CHINANET Tianjin province network (中国电信网上营业厅·天津) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.27) Malicious and huge ssh brute force attack (30 login attempts) focusing on the root password. Add 221.192.0.0/11 and 221.224.0.0/12 to the permanent block list.
222.35.41.11/11+	222.35.41.11 in Beijing hayuxingshegn Co., Ltd (Jianguo Road, Chaoyang District, Beijing, China) (CN) (2012.1.26-27) Malicious and huge ssh brute force attack (3,880 and more login attempts). Add 222.16.0.0/12, 222.32.0.0/11 and 222.64.0.0/11 to the permanent block list.
125.211.221.97/15	125.211.221.97 in China Unicom Heilongjiang province network (黑龙江联通) in the criminals' heaven network China Unicom (中国联通) (CN) (2012.1.21, mail error 2012.1.26) Malicious and huge ssh brute force attack (2,832 login attempts). The contact e-mail address abuse@chinaunicom.cn does not work because of '在收件人的电子邮件系统中未找到此收件人的电子邮件地址。Microsoft Exchange 不会尝试重新传递此邮件。请检查电子邮件地址并尝试重新发送此邮件，或向系统管理员提供以下诊断文本。' (2012.1.21) And the contact e-mail address abuse@chinaunicom.com.cn does not work because of '<abuse@chinaunicom.com.cn>: connect to ksg1.chinaunicom.com.cn[210.53.66.252]: Connection refused' (2012.1.26) And the contact e-mail address abuse@chinaunicom.com does not work because of '<abuse@chinaunicom.com>: connect to mail.chinaunicom.com[211.94.36.20]: Connection timed out' (2012.1.26) Add 125.210.0.0/15 to the permanent block list.
112.25.9.183/10+	112.25.9.183 in China Mobile Communications Corporation (中国移动通信集团公司) (CN) (2012.1.26) Malicious and huge ssh brute force attack (54 login attempts) focusing on the root password. Add 112.0.0.0/10 and 112.64.0.0/14 to the permanent block list.
81.25.45.193/20	81.25.45.193 (port-193-adslby-pool45.infonet.by) in the criminal BelInfoNet Ltd. (BY) (2012.1.25) Malicious and huge ssh brute force attack (94 login attempts) focusing on the root password. The contact e-mail address murat@infonet.by does not work because of '<murat@infonet.by>: host mail.infonet.by[81.25.32.11] said: 550 <murat@infonet.by>, Recipient unknown (in reply to RCPT TO command)' (2012.1.25)
208.71.173.70/21	208.71.173.70 (D047AD46.ptr.provps.com) in ProVPS.com in Network Data Center Host, Inc. (US) (2012.1.25) Malicious and huge ssh brute force attack (215 login attempts) focusing on the root password.
221.131.118.31/15+	221.131.118.31 in the criminal China Mobile Communications Corporation - jiangsu (江苏移动) in China Mobile Communications Corporation (中国移动通信集团公司) (CN) (2012.1.25) Malicious and huge ssh brute force attack (54 login attempts). Add 221.129.0.0/16 and 221.130.0.0/15 to the permanent block list.
203.115.11.235/24	203.115.11.235 (www.litrogas.com) in Litro Gas Lanka Limited in Sri Lanka Telecom (LK) (2012.1.25) Malicious and huge ssh brute force attack (213 login attempts) focusing on the root password.
112.175.27.50/11+	112.175.27.50 in Korea Telecom (KR) (2012.1.25) Malicious and huge ssh brute force attack (4,777 and more login attempts). Add 112.144.0.0/12 and 112.160.0.0/11 to the permanent block list.
221.176.176.104/13+	221.176.176.104 (www.xycyjjq.cn) in the criminal xycyjjq.cn (河南夏邑县集聚区) in China Mobile Communications Corporation (中国移动通信集团公司). (CN) (2012.1.25) Malicious and huge ssh brute force attack (541 login attempts). Add 221.172.0.0/14 and 221.176.0.0/13 to the permanent block list.
187.61.50.34/7	187.61.50.34 (fiat327-web01.dominiotemporarioidc.com) in dominiotemporarioidc.com in Universo Online S.A. (BR) (2012.1.25) Malicious and huge http vulnerability probes (152 probes). Add 186.0.0.0/7 to the permanent block list.
210.211.108.137/19	210.211.108.137 (srv-108-137.static.vinahost.vn) in VinaHost in Viettel IDC (VN) (2012.1.24) Malicious and huge ssh brute force attack (38 login attempts) focusing on the root password only.
188.94.101.6/21	188.94.101.6 in TWL-Kom GmbH (DE) (2012.1.24) Malicious and huge ssh brute force attack (48 login attempts) focusing on the root password only.
58.19.66.10/13+	58.19.66.10 in CNC Group CHINA169 Hubei Province Network in China Unicom Hubei province network (湖北联通) in China Unicom (中国联通) (CN) (2012.1.24) Malicious and huge ssh brute force attack (95 login attempts) focusing on the root password. Add 58.14.0.0/15, 58.16.0.0/13 and 58.24.0.0/15 to the permanent block list.
85.214.57.21/15	85.214.57.21 (suessmosterei-frickenschmidt.de = h1697906.stratoserver.net) in Strato Rechenzentrum, Berlin (DE) (2012.1.24) Malicious and huge ssh brute force attack (487 and more login attempts) focusing on the root password.
109.225.40.176/18	109.225.40.176 (176.net-94.242.40.kaluga.ru = gbuko.ru) in gbuko.ru in kaluga.ru (Калужский) in JSC Rostelecom (Ростелеком) (RU) (2012.1.24) Malicious and huge ssh brute force attack (653 login attempts) focusing on the root password. Add 109.225.0.0/18 to the permanent block list.
203.172.22.84/19	203.172.22.84 (ptr1.info.com.ph) in INFOCOM Technologies, Inc. in ePLDT in Philippine Long Distance Telephone Company (PLDT) (PH) (2012.1.24) Malicious and huge ssh brute force attack (1,463 login attempts) focusing on the root password.
222.186.29.69/12+	The criminals' host 222.186.29.69 in CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.23) Malicious and huge ssh brute force attack (8 login attempts) focusing on the root password only. This is the 3rd attack by 222.186.29.69 since Nov 22 2011 and Nov 18 2011. Add 222.168.0.0/13, 222.176.0.0/12 and 222.192.0.0/11 to the permanent block list.
219.140.165.85/11	The criminal 219.140.165.85 in the criminal Hubei Telecom Wuhan Branch in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.1.23 again) Malicious and huge ssh brute force attack (11 login attempts) focusing on the root password only. This is the 6th attack by 219.140.165.85 since Jan 23 2012 (today), Jan 20 2012, Jan 17 2012, Jan 15 2012 and Jan 14 2012. Add 219.128.0.0/11 to the permanent block list.
210.201.137.3/15	THe criminals' host 210.201.137.3 (NK210-201-137-3.cl.static.apol.com.tw) in the criminals' heaven network Asia Pacific On-line Services Inc. (亞太電信) (TW) (2012.1.23) Malicious and huge ssh brute force attack (40 login attempts) focusing on the root password. This is the 2nd attack by since Jan 6 2012. Add 210.200.0.0/15 to the permanent block list.
222.221.2.210/11+	The criminal 222.221.2.210 in the criminal CHINANET yunnan province network in the criminal CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2012.1.23) Malicious and huge ssh brute force attack (3 login attempts) focusing on the root password. This is the 17th attack by the criminal 222.221.2.210 since Nov 3 2011, Oct 4 2011, Mar 28 2011, Dec 24 2010, Nov 11 2010, Sep 24 2010, Sep 12 2010, Jun 29 2010, Feb 9 2010, Dec 16 2009, Jun 1 2009, Apr 30 2009, Feb 26 2009 and Nov 22 2008. Add 222.168.0.0/13, 222.176.0.0/12 and 222.192.0.0/11 to the permanent block list.
86.62.121.132/18	The criminal 86.62.121.132 (h86-62-121-132.ln.rinet.ru) in RiNet in Cronyx Plus (RU) (2012.1.23) This is the 3rd probe by the criminal 86.62.121.132 (h86-62-121-132.ln.rinet.ru) since Jan 22 2012 and Jan 10 2012. Malicious and huge http vulnerability probes (39 probes). Add 86.62.64.0/18 to the permanent block list.
202.78.85.44/24	202.78.85.44 in SKYCablenet (PH) (2012.1.23) Malicious and huge ssh brute force attack (136 login attempts) focusing on the root password.
125.133.120.52/11	The criminals' host 125.133.120.52 (mail.kahp.or.kr) in the criminals' heaven network Korea Association of Health Promotion (한국건강관리협회) in the criminals' heaven network Korea Telecom (KR) (2012.1.23) Malicious and huge ssh brute force attack (626 login attempts). This is the 2nd attack by the criminals' host 125.133.120.52 (mail.kahp.or.kr) since Jan 7 2012. Add 125.128.0.0/11 to the permanent block list.
219.140.165.85/11	The criminal 219.140.165.85 in the criminal Hubei Telecom Wuhan Branch in the criminal CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2012.1.23) Malicious and huge ssh brute force attack (1 login attempts) focusing on the root password only. This is the 5th attack by 219.140.165.85 since Jan 20 2012, Jan 17 2012, Jan 15 2012 and Jan 14 2012. Add 219.128.0.0/11 to the permanent block list.
222.237.78.142/13	The criminal 222.237.78.142 (222-237-78-142.tongkni.co.kr = roadmarker.kr) in the criminal roadmarker.kr in the criminal tongkni (통큰아이) in the criminal SK Broadband Co Ltd (SK브로드밴드) in the criminal NATE (네이트) (NATE = Hanaro Telecom Inc.) in Korea (KR) (2012.1.23) Malicious and huge ssh brute force attack (312 login attempts). This is the 4th attack by the criminal 222.237.78.142 (222-237-78-142.tongkni.co.kr = roadmarker.kr) since Dec 31 2011, Dec 12 2011 and Sep 9 2011. Add 222.232.0.0/13 to the permanent block list.
121.13.55.27/13+	121.13.55.27 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.23) Malicious and huge smtp auth attempts (50 login attempts). Add 121.8.0.0/13, 121.16.0.0/12, 121.32.0.0/13 and 121.40.0.0/14 to the permanent block list.
86.62.121.132/18	The criminals' host 86.62.121.132 (h86-62-121-132.ln.rinet.ru) in RiNet in Cronyx Plus (RU) (2012.1.22) This is the 2nd probe by the criminals' host 86.62.121.132 (h86-62-121-132.ln.rinet.ru) since Jan 10 2012. Malicious and huge http vulnerability probes (39 probes). Add 86.62.64.0/18 to the permanent block list.
203.153.97.36/24	203.153.97.36 in net2cyber.net in Velo Network (ID) (2012.1.21) Malicious and huge ssh brute force attack (123 and more login attempts) focusing on the root password only.
223.4.8.198/12	223.4.8.198 in HiChina Web Solutions (Beijing) Limited (中国万网) (CN) (2012.1.21) Malicious and huge pop brute force attack (1,290 login attempts). Add 223.0.0.0/12 to the permanent block list.
219.140.165.85/11	The criminal 219.140.165.85 in the criminal Hubei Telecom Wuhan Branch in CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.20) Malicious and huge ssh brute force attack (8 login attempts) focusing on the root password only. This is the 3rd attack by 219.140.165.85 since Jan 17 2012, Jan 15 2012 and Jan 14 2012. Add 219.128.0.0/11 to the permanent block list.
64.31.12.152/18	64.31.12.152 (152-12-31-64.servebyte.net) in Limestone Networks, Inc. (US) (2012.1.20) Malicious and huge pop brute force attack (300 login attempts).
58.215.184.154/11	58.215.184.154 in CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.20) Malicious and huge ssh brute force attack (46 and more login attempts) focusing on the root password. Add 58.192.0.0/11 to the permanent block list.
202.131.125.102/19	202.131.125.102 in BLAZENET PVT. LTD (IN) (2012.1.19) Malicious and huge ssh brute force attack (30 and more login attempts) focusing on the root password.
111.90.173.82/24	111.90.173.82 in Ishan Netsol Pvt Ltd (IN) (2012.1.19) Malicious and huge ssh brute force attack (28 and more login attempts) focusing on the root password only.
203.88.158.172/20	203.88.158.172 (ice.158.client172.youtele.com) in YOU Broadband & Cable India Ltd. in YOU Telecom India Pvt Ltd (IN) (2012.1.19) Malicious and huge ssh brute force attack (33 and more login attempts) focusing on the root password only.
209.159.146.58/20	209.159.146.58 (demastres.com) in demastres.com in Interserver, Inc (US) (2012.1.19) Malicious and huge ssh brute force attack (116 and more login attempts).
88.191.100.91/11	88.191.100.91 (sd-17988.dedibox.fr) in Dedibox SAS in Free SAS / ProXad (FR) (2012.1.17) Malicious and huge ssh brute force attack (63 login attempts). Add 88.160.0.0/11 to the permanent block list.
219.140.165.85/11	The criminals' host 219.140.165.85 in the criminals' network Hubei Telecom Wuhan Branch in CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.17) Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password. This is the 3rd attack by 219.140.165.85 since Jan 15 2012 and Jan 14 2012. Add 219.128.0.0/11 to the permanent block list.
117.239.65.166/10	The criminals' host 117.239.65.166 (mail.annatech.ac.in) in Anna University of Technology Chennai in the crimimnals' heaven network Bharat Sanchar Nigam Limited (IN) (2012.1.16) Malicious and huge ssh brute force attack (52 and more login attempts) focusijng on the root password. This is the 2nd attack by the criminals' host 117.239.65.166 (mail.annatech.ac.in) since Dec 17 2011. Add 117.192.0.0/10 to the permanent block list.
112.169.29.81/11+	112.169.29.81 in sopeuteuonnes(ju) in Korea Telecom (KR) (2012.1.16) Malicious and huge ssh brute force attack (111 and more login attempts). Add 112.144.0.0/12 and 112.160.0.0/11 to the permanent block list.
218.29.54.13/11	The criminals' host 218.29.54.13 in China Unicom Henan province network (中国联通河南省分公司) in CHINA UNICOM (中国联通) (CN) (2012.1.16) Malicious and huge ssh brute force attack (17 login attempts) focusing on the root password. This is th 2nd attack by the criminals' host 218.29.54.13 since Dec 30 2011. Add 218.0.0.0/11 to the permanent block list.
219.94.87.123/20	The criminals' host 219.94.87.123 (kedahfm.gov.my) in Radio Malaysia KedahFm in Telekom Malaysia (MY) (2012.1.15) Malicious and huge pop brute force attack (10 and more login attempts). This is the 2nd attack by the criminals' host 219.94.87.123 (kedahfm.gov.my) since Jan 14 2011.
123.138.30.30/15+	123.138.30.30 in the criminals' heaven network CNC Group CHINA169 Shanni Province Network in CHINA UNICOM (中国联通) (CN) (2012.1.10, mail error 2012.1.15) Malicious and huge ssh brute force attack (58 and more login attempts) focusing on the root passowrd. The contact e-mail address quyj@china-netcom.com does not work because of '在收件人的电子邮件系统中未找到此收件人的电子邮件地址。Microsoft Exchange 不会尝试重新传递此邮件。请检查电子邮件地址并尝试重新发送此邮件，或向系统管理员提供以下诊断文本。' (2012.1.10) The contact e-mail address quyj@china-netcom.com does not work because of '<quyj@china-netcom.com>: connect to china-netcom.com[210.53.66.251]: Connection timed out' (2012.1.15) Add 123.137.0.0/16 and 123.138.0.0/15 to the permanent block list.
66.50.181.58/16	66.50.181.58 (66-50-181-58.prtc.net) in the cirminals' heaven network Puerto Rico Telephone Company (PR) (2012.1.15) Malicious and huge ssh brute force attack (64 and more login attempts). The contact e-mail address edwinri@prtc.net does not work because of '<edwinri@prtc.net>: host m2w-in1.ctmail.com[74.202.142.24] said: 550 5.1.1 <edwinri@prtc.net> is not a valid mailbox (in reply to RCPT TO command)' (2012.1.15) Add 66.50.0.0/16 to the permanent block list.
177.47.99.153/8	177.47.99.153 in Trajano Com. e Prom. de vendas Ltda. in DataCorpore DataCenter (BR) (2012.1.15) Malicious and huge ssh brute force attack (568 and more login attempts) focusing on the root password. Add 177.0.0.0/8 to the permanent block list.
58.227.192.244/12	The criminals' host 58.227.192.244 in SK Broadband Co Ltd (SK브로드밴드) (Hanaro Telecom Inc.) (KR) (2012.1.15) Malicious and huge ssh brute force attack (468 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 58.227.192.244 since May 25 2011. Add 58.224.0.0/12 to the permanent block list.
219.140.165.85/11	219.140.165.85 in the criminals' heaven network Hubei Telecom Wuhan Branch in CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.15) Malicious and huge ssh brute force attack (18 login attempts) focusing on the root password. This is the 2nd attack by 219.140.165.85 since Jan 14 2012. Add 219.128.0.0/11 to the permanent block list.
118.69.205.3/20	118.69.205.3 (sanny3.orcponz.net) in FPT Telecom Company (VN) (2012.1.14) Malicious and huge ssh brute force attack (146 login attempts) focusing on the root password.
138.188.136.65/16	138.188.136.65 in Swisscom (Switzerland) Ltd (CH) (2012.1.14) Malicious and huge ssh brute force attack (627 login attempts).
219.140.165.85/11	219.140.165.85 in the criminals' heaven network Hubei Telecom Wuhan Branch in CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.14) Malicious and huge ssh brute force attack (35 login attempts) focusing on the root password. The contact e-mail address abuse_wh@public.wh.hb.cn does not work because of '<abuse_wh@public.wh.hb.cn>: host public.wh.hb.cn[58.53.208.50] said: 550 <abuse_wh`public_wh_hb_cn> is now disabled with MTA service. (in reply to RCPT TO command)' (2012.1.15) Add 219.128.0.0/11 to the permanent block list.
59.40.171.94/11+	59.40.171.94 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.14) Malicious and huge smtp auth attempts (121 login attempts). Add 59.32.0.0/11, 59.64.0.0/12 and 59.80.0.0/14 to the permanent block list.
219.94.87.123/20	219.94.87.123 (kedahfm.gov.my) in Radio Malaysia KedahFm in Telekom Malaysia (MY) (2012.1.14) Malicious and huge pop brute force attack (1,229 login attempts).
163.125.83.83/16	163.125.83.83 in the criminals' heaven network China Unicom Guangdong province network (中国联通广东分公司) in China Unicom (中国联通) (CN) (2012.1.13) Malicious and huge smtp auth attempts (79 login attempts). The contact e-mail address abuse@chinaunicom.cn does not work because of '在收件人的电子邮件系统中未找到此收件人的电子邮件地址。Microsoft Exchange 不会尝试重新传递此邮件。请检查电子邮件地址并尝试重新发送此邮件，或向系统管理员提供以下诊断文本。' (2012.1.13) Add 163.125.0.0/16 to the permanent block list.
64.244.112.154/15	64.244.112.154 in MERCHANTWIRED LLC in XO Communications (US) (2012.1.12) Malicious and huge pop brute force attack (501 login attempts).
121.13.12.254/13+	121.13.12.254 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.12) Malicious and huge smtp auth attempts (54 login attempts). Add 121.8.0.0/13, 121.16.0.0/12, 121.32.0.0/13 and 121.40.0.0/14 to the permanent block list.
218.108.85.243/15+	The criminal 218.108.85.243 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.1.12) Malicious and huge ssh brute force attack (24 login attempts) focusing on the root password. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.241 (Jan 12 2012), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Jan 12 2012, Jan 8 2012 (twice), Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
218.29.131.164/11	218.29.131.164 in JiShuChanQuan Corp in CNC Group CHINA169 Henan Province Network in China Unicom Henan province network (中国联通河南省分公司) in CHINA UNICOM (中国联通) (CN) (2012.1.12) Malicious and huge ssh brute force attack (906 login attempts) focusing on the root password only. The contact e-mail address abuse@chinaunicom.cn does not work because of '在收件人的电子邮件系统中未找到此收件人的电子邮件地址。Microsoft Exchange 不会尝试重新传递此邮件。请检查电子邮件地址并尝试重新发送此邮件，或向系统管理员提供以下诊断文本。' (2012.1.13) Add 218.0.0.0/11 to the permanent block list.
218.108.224.87/15+	The criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.1.12) Malicious and huge ssh brute force attack (30 login attempts) focusing on the root password. This is the 11th attack by the criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China since Jan 8 2012 (twice), Jan 5 2012 (3 times), Jan 3 2012, Jan 2 2012, Dec 30 2011 (twice), Dec 23 2011 and Dec 19 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Jan 12 2012, Jan 8 2012 (twice), Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
126.15.102.57/8	126.15.102.57 in SoftbankBB (JP) (2012.1.12) Malicious and huge ssh brute force attack (894 login attempts) focusing on the root password only.
91.217.91.48/23	91.217.91.48 in PE Ivanov Vitaliy Sergeevich in XSERVER (UA) (2012.1.11) Malicious and huge ssh brute force attack (30 login attempts) focusing on the root password.
207.81.128.157/16	207.81.128.157 (d10-18-2-0.bchsia.telus.net) in TELUS Communications Inc. (US) (2012.1.11) Malicious and huge ssh brute force attack (34 login attempts) focusing on the root password only.
180.186.72.53/14+	The criminal 180.186.72.53 in the criminals' heaven network Beijing Times Telecom Engineering Corporation Limited (北京时代互通电信工程有限公司) (CN) (2012.1.11) Malicious and huge ssh brute force attack (54 login attempts) focusing on the root password. This is the 3rd attack by the criminal 180.186.72.53 since Jan 3 2012 and Dec 29 2011. Add 180.184.0.0/14 and 180.188.0.0/17 to the permanent block list.
86.62.121.132/18	86.62.121.132 (h86-62-121-132.ln.rinet.ru) in RiNet in Cronyx Plus (FR) (2011.12.10) Malicious and huge http vulnerability probes (78 probes). Add 86.62.64.0/18 to the permanent block list.
82.138.226.181/18	82.138.226.181 (host4.rbs.mtnetworks.co.uk) in Telecomplete in MT Networks (GB) (2012.1.10) Malicious and huge ssh brute force attack (34 login attempts) focusing on the root password only. The contact e-mail address mike.havekin@fused-group.com, dan.ashurst@fused-group.com and chris.mccormack@fused-group.com expanded from abuse@telecomplete.co.uk do not work because of 'The recipient's mailbox is full and can't accept messages now. Microsoft Exchange will not try to redeliver this message for you. Please try resending this message later, or contact the recipient directly.' (2012.1.10)
218.22.211.69/11	The criminals' host 218.22.211.69 in the criminals' heaven network CHINANET Anhui province network (中国电信股份有限公司安徽分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.9) Malicious and huge ssh brute force attack (56 login attempts) focusing on the root password only. This is the 2nd attack by the criminals' host 218.22.211.69 since Nov 27 2011. Add 218.0.0.0/11 to the permanent block list.
218.108.224.87/15+	The criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.1.8) Malicious and huge ssh brute force attack (44 login attempts) focusing on the root password only. This is the 11th attack by the criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China since Jan 8 2012 (today), Jan 5 2012 (3 times), Jan 3 2012, Jan 2 2012, Dec 30 2011 (twice), Dec 23 2011 and Dec 19 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Jan 8 2012 (twice), Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
218.108.224.87/15+	The criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.1.8) Malicious and huge ssh brute force attack (146 login attempts) focusing on the root password. This is the 10th attack by the criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China since Jan 5 2012 (3 times), Jan 3 2012, Jan 2 2012, Dec 30 2011 (twice), Dec 23 2011 and Dec 19 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Jan 8 2012, Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
211.154.154.238/12+	The criminal 211.154.154.238 in the criminals' heaven network China Motion Network Communication (潤迅通信) (CN) (2012.1.8) Malicious and huge ssh brute force attack (5 login attempts) focusing on the root password only. This is the 3rd attack by the criminal 211.154.154.238 since Jan 5 2012 and Dec 18-24 2011. Add 211.136.0.0/13, 211.144.0.0/12 and 211.160.0.0/13 to the permanent block list.
14.139.61.4/28	14.139.61.4 (moon61.nkn.in) in National Institute of Plant Genome Research (NIPGR) in National Knowledge Network (IN) (2012.1.8) Malicious and huge pop brute force attack (89 and more login attempts).
125.133.120.52/11	125.133.120.52 (mail.kahp.or.kr) in Korea Association of Health Promotion (한국건강관리협회) in Korea Telecom (KR) (2012.1.7) Malicious and huge ssh brute force attack (106 and more login attempts) focusing onn the root password. Add 125.128.0.0/11 to the permanent block list.
84.235.62.30/17	84.235.62.30 in SaudiNet, Saudi Telecom Company (شركة الاتصالات السعودي) (SA) (2012.1.7) Malicious and huge ssh brute force attack (77 and more login attempts).
124.127.125.2/15+	The criminal 124.127.125.2 in NavInfo Co., Ltd. (四维图新) in Research Institution of Telecom (CN) (2012.1.7) Malicious and huge ssh brute force attack (100 login attempts). This is the 3rd attack by the criminal 124.127.125.2 since Sep 19 2011 and Mar 24 2011. Add 124.126.0.0/15 and 124.128.0.0/13 to the permanent block list.
117.243.250.249/18	117.243.250.249 in Bharat Sanchar Nigam Limited (IN) (2012.1.7) Malicious and huge ssh brute force attack (43 and more login attempts) focusing on the root password only. Add 218.248.0.0/16 to the permanent block list.
218.170.8.59/12	218.170.8.59 (218-170-8-59.dynamic.hinet.net) in CHTD, Chunghwa Telecom Co.,Ltd. (TW) (2012.1.6) Malicious and huge pop brute force attack (613 login attempts). We received an automatic receipt from HiNet Security Operation Center. (2012.1.6).
218.93.205.205/11+	The criminals' host 218.93.205.205 in CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.6) Malicious and huge ssh brute force attack (26 login attempts) focusing on the root password. This is the 3rd attack by the criminals' host 218.93.205.205 since Nov 22 2011, Sep 10 2010. Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
210.201.137.3/15	210.201.137.3 (NK210-201-137-3.cl.static.apol.com.tw) in Asia Pacific On-line Services Inc. (亞太電信) (TW) (2012.1.6) Malicious and huge ssh brute force attack (40 login attempts) focusing on the root password.
218.108.224.87/15+	The criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.1.5) Malicious and huge ssh brute force attack (54 login attempts) focusing on the root password only. This is the 9th attack by the criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China since Jan 5 2012 (twice), Jan 3 2012, Jan 2 2012, Dec 30 2011 (twice), Dec 23 2011 and Dec 19 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Jan 5 2012 (three times), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
218.108.224.87/15+	The criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.1.5) Malicious and huge ssh brute force attack (27 login attempts) focusing on the root password only. This is the 8th attack by the criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China since Jan 5 2012 (today), Jan 3 2012, Jan 2 2012, Dec 30 2011 (twice), Dec 23 2011 and Dec 19 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Jan 5 2012 (twice), Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
218.108.224.87/15+	The criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.1.5) Malicious and huge ssh brute force attack (75 login attempts) focusing on the root password only. This is the 7th attack by the criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China since Jan 3 2012, Jan 2 2012, Dec 30 2011 (twice), Dec 23 2011 and Dec 19 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Jan 5 2012, Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
91.211.52.53/22+	The criminals' host 91.211.52.53 in Buko Ltd (MK-NET) (RU) (2011.12.5) Malicious and huge ssh brute force attack (134 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 91.211.52.53 since Dec 11 2011. Add 91.211.52.0/22, 91.211.56.0/21 and 91.211.64.0/22 to the permanent block list.
201.45.220.71/24(/7)	201.45.220.71 in ZUNET SERVIÇOS ONLINE LTDA in EMBRATEL (BR) (2012.1.5) Malicious and huge ssh brute force attack (521 and more login attempts) focusing on the root passowrd. Add 200.0.0.0/7 to the permanent block list.
211.154.154.238/12+	The criminals' host 211.154.154.238 in China Motion Network Communication (潤迅通信) (CN) (2012.1.5) Malicious and huge ssh brute force attack (17 login attempts) focusing on the root password only. This is the 2nd attack by the criminals' host 211.154.154.238 since Dec 18-24 2011. Add 211.136.0.0/13, 211.144.0.0/12 and 211.160.0.0/13 to the permanent block list.
49.212.84.240/16	49.212.84.240 (www36202u.sakura.ne.jp) in SAKURA Internet Inc. (JP) (2012.1.4) Malicious and huge ssh brute force attack (103 and more login attempts) focusing on the root password only.
58.244.237.90/12	58.244.237.90 (90.237.244.58.adsl-pool.jlccptt.net.cn) in China Unicom Jilin province network (吉林联通) in CHINA UNICOM (中国联通) (CN) (2012.1.4) Malicious and huge ssh brute force attack (1,153 login attempts) focusing on the root passowrd. Add 58.240.0.0/12 to the permanent block list.
208.115.201.195/18	208.115.201.195 (195-201-115-208.servebyte.net) in Limestone Networks, Inc. (US) (2012.1.4) Malicious and huge pop brute force attack (51 login attempts).
119.139.182.95/12+	119.139.182.95 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2012.1.4) Malicious and huge smtp auth attempts (79 login attempts). Add 119.112.0.0/12, 119.128.0.0/12 and 119.144.0.0/14 to the permanent block list.
125.132.209.226/11	125.132.209.226 in the criminals' heaven network Korea Telecom (KR) (2012.1.3, mail error 2012.1.3) Malicious and huge ssh brute force attack (97 and more login attempts). The contact e-mail address kornet_ip@kt.com does not work because of '현재 받는 사람의 사서함이 꽉 차서 메시지를 받을 수 없습니다. 나중에 이 메시지를 다시 보내거나 받는 사람에게 직접 문의하십시오.' (2012.1.3) Add 125.128.0.0/11 to the permanent block list.
218.108.224.87/15+	The criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.1.3) Malicious and huge ssh brute force attack (144 login attempts) focusing on the root password only. This is the 6th attack by the criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China since Jan 2 2012, Dec 30 2011 (twice), Dec 23 2011 and Dec 19 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Jan 3 2012, Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
180.186.72.53/14+	The criminals' host 180.186.72.53 in Beijing Times Telecom Engineering Corporation Limited (北京时代互通电信工程有限公司) (CN) (2012.1.3) Malicious and huge ssh brute force attack (54 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 180.186.72.53 since Dec 29 2011. Add 180.184.0.0/14 and 180.188.0.0/17 to the permanent block list.
184.172.222.11/15	184.172.222.11 (184.172.222.11-static.reverse.softlayer.com) in ThePlanet.com Internet Services, Inc. (US) (2012.1.3) Malicious and huge ssh brute force attack (40 login attempts) focusing on the root password.
64.31.20.110/18	64.31.20.110 (110-20-31-64.servebyte.net) in Limestone Networks, Inc. (US) (2012.1.3) Malicious and huge pop brute force attack (194 login attempts).
128.113.38.8/16	128.113.38.8 (starfire.lab.acm.rpi.edu = stonelinks.org) in stonelinks.org in Rensselaer Polytechnic Institute (US) (2012.1.2) Malicious and huge ssh brute force attack (572 login attempts) focusing on the root password.
218.108.224.87/15+	The criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2012.1.2) Malicious and huge ssh brute force attack (81 login attempts) focusing on the root password only. This is the 5th attack by the criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China since Dec 30 2011 (twice), Dec 23 2011 and Dec 19 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Jan 2 2012, Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
62.164.129.34/17	62.164.129.34 in Mistral in Eclipse Networking Limited (GB) (2012.1.2) Malicious and huge pop brute force attack (5,168 login attempts).
125.72.127.134/11+	125.72.127.134 in QH-XN-TELECOM (CN) (2011.12.28, mail error 2012.1.2) Malicious and huge pop brute force attack (52 and more login attempts). The contact e-mail address pangph@public.xn.qh.cn does not work because of '<pangph@public.xn.qh.cn>: connect to public.xn.qh.cn[125.72.125.130]:25: Connection refused' (2012.1.2) Add 125.61.128.0/17, 125.62.0.0/15, 125.64.0.0/11, 125.96.0.0/15 and 125.98.0.0/16 to the permanent block list.
118.145.25.90/14	118.145.25.90 (wangguan14.ccidnet.com) in ccidnet.com in Beijing Sanxin Shidai Co. Ltd (1513 Xinjishu building Beijing link west road, Haidian District, Beijing, PRC) in the criminals' heaven network Beijing Bitone United Networks Technology Service Co.,Ltd (No.26 Chaowai Str., Chaoyang District,Beijing,P.R.C, CN) - Pang Patrick (bill.pang@bj.datadragon.net, Fl./8, South Building, Bridge Mansion, No. 53, phone:+86-10-63181513, fax-no:+86-10-63181597, CN) (CN) (2011.12.28, mail error 2012.1.2) Malicious and huge ssh brute force attacks (68 login attempts) focusing on the root password only. The contact e-mail address bill.pang@bj.datadragon.net does not work because of '<bill.pang@bj.datadragon.net>: connect to bj.datadragon.net[211.147.3.134] Connection timed out' (2012.1.2) Add 118.144.0.0/14 to the permanent block list.
218.108.236.99/15+	218.108.236.99 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2011.12.30 again) Malicious and huge ssh brute force attack (1 login attempts). And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.236.99 (Jan 1 2012), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
213.192.85.57/20	213.192.85.57 in TASK Academic Computer Centre in Gdansk University of Technology (PL) (2012.1.1) Malicious and huge ssh brute force attack (38 login attempts) focusing on the root password.
209.62.9.146/17	209.62.9.146 (ev1s-209-62-9-146.theplanet.com = jengamedia.com) in jengamedia in ThePlanet.com Internet Services, Inc. (US) (2012.1.1) Malicious and huge ssh brute force attack (1,561 login attempts).
163.125.81.250/16	163.125.81.250 in China Unicom Guangdong province network (中国联通广东分公司) in China Unicom (中国联通) (CN) (2012.1.1) Malicious, low frequency and huge smtp auth attempts (76 and more login attempts). Add 163.125.0.0/16 to the permanent block list.
88.149.159.194 202.109.129.166 209.62.90.162 95.87.194.7 211.144.82.8 146.48.84.52 221.224.13.25 122.255.96.164 122.255.96.164 202.28.37.63 58.254.143.204 122.255.96.164 202.158.52.211 91.121.14.134 94.23.200.132 200.20.16.250 91.121.103.150 72.11.144.119 161.139.147.191 94.23.32.7 91.121.16.91 91.121.148.216 91.121.100.52 91.121.153.61 94.23.206.170 91.121.74.103 91.121.15.91 91.121.160.160 91.121.22.107	They are http vulnerability probers at leaset 20 probes in Dec 2011.
218.146.11.193/12	218.146.11.193 in Korea Telecom (KR) (2011.12.31) Malicious and huge ssh brute force attack (102 login attempts) focusing onn the root password only. Add 218.144.0.0/12 to the permanent block list.
222.237.78.142/13	The criminal 222.237.78.142 (222-237-78-142.tongkni.co.kr = roadmarker.kr) in the criminals' netowrk roadmarker.kr in the criminals' netowrk tongkni (통큰아이) in the criminals' netowrk SK Broadband Co Ltd (SK브로드밴드) in the criminals' netowrk NATE (네이트) (NATE = Hanaro Telecom Inc.) (KR) (2011.12.31) Malicious and huge ssh brute force attack (312 login attempts). This is the 3rd attack by the criminal 222.237.78.142 (222-237-78-142.tongkni.co.kr = roadmarker.kr) since Dec 12 2011 and Sep 9 2011. Add 222.232.0.0/13 to the permanent block list.
118.174.13.104/19	118.174.13.104 in Royal-Thai-Navy in TOT Public Company Limited (TH) (2011.12.31) Malicious and huge ssh brute force attack (257 login attempts) focusing on the root password only.
184.173.11.8/15	184.173.11.8 (184.173.11.8-static.reverse.softlayer.com) in ThePlanet.com Internet Services, Inc. (US) (2011.12.31) Malicious and huge ssh brute force attack (257 login attempts) focusing on the root password only.
202.112.14.157/13+	202.112.14.157 in CERNet: China Education and Research Network (中国教育和科研计算机网) (CN) (2011.12.30) Malicious and huge ssh brute force attack (214 login attempts). Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
60.199.198.242/15	The criminals' host 60.199.198.242 in Taiwan Fixed Network CO.,LTD. (台灣大電訊) (TW) (2011.12.30) Malicious and huge ssh brute force attack (19 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 60.199.198.242 since Dec 25-27 2011.
218.108.224.87/15+	The criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2011.12.30 again) Malicious and huge ssh brute force attack (10 login attempts) focusing on the root password only. This is the 4th attack by the criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China since Dec 30 2011, Dec 23 2011 and Dec 19 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Dec 30 2011 twice, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
218.29.54.13/11	218.29.54.13 in China Unicom Henan province network (中国联通河南省分公司) in CHINA UNICOM (中国联通) (CN) (2011.12.30) Malicious and huge ssh brute force attack (67 login attempts) focusing on the root password only. Add 218.0.0.0/11 to the permanent block list.
218.108.224.87/15+	The criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2011.12.30) Malicious and huge ssh brute force attack (102 login attempts) focusing on the root password. This is the 3rd attack by the criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China since Dec 23 2011 and Dec 19 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Dec 30 2011, Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
180.186.72.53/14+	180.186.72.53 in Beijing Times Telecom Engineering Corporation Limited (北京时代互通电信工程有限公司) (CN) (2011.12.29) Malicious and huge ssh brute force attack (50 login attempts) focusing on the root password. Add 180.184.0.0/14 and 180.188.0.0/17 to the permanent block list.
121.13.29.132/13+	121.13.29.132 (132.29.13.121.broad.dg.gd.dynamic.163data.com.cn) in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.12.29) Malicious and huge smtp auth attempts (50 login attempts). Add 121.8.0.0/13, 121.16.0.0/12, 121.32.0.0/13 and 121.40.0.0/14 to the permanent block list.
218.248.30.116/16	The criminals' host 218.248.30.116 (www.stet.edu.in) in STET Group of Institution in Bharat Sanchar Nigam Limited (IN) (2011.12.28) Malicious and huge ssh brute force attack (105 login attempts) focusing on the root password only. This is the 2nd attack by the criminals' host 218.248.30.116 (www.stet.edu.in) since Dec 26 2011. Add 218.248.0.0/16 to the permanent block list.
24.117.16.210/15	24.117.16.210 (24-117-16-210.cpe.cableone.net) in CABLE ONE, INC. (US) (2011.12.28) Malicious and huge smtp auth attempts (590 login attempts).
211.154.151.150/12+	211.154.151.150 in China Motion Network Communication (潤迅通信) (CN) (2011.12.28) Malicious and huge ssh brute force attack (100 and more login attempts) focusing on the root password. Add 211.136.0.0/13, 211.144.0.0/12 and 211.160.0.0/13 to the permanent block list.
118.145.25.90/14	118.145.25.90 (wangguan14.ccidnet.com) in ccidnet.com in Beijing Sanxin Shidai Co. Ltd (1513 Xinjishu building Beijing link west road, Haidian District, Beijing, PRC) in Beijing Bitone United Networks Technology Service Co.,Ltd (No.26 Chaowai Str., Chaoyang District,Beijing,P.R.C, CN) - Pang Patrick (bill.pang@bj.datadragon.net, Fl./8, South Building, Bridge Mansion, No. 53, phone:+86-10-63181513, fax-no:+86-10-63181597, CN) (CN) (2011.12.28) Malicious and huge ssh brute force attacks (68 login attempts) focusing on the root password only. Add 118.144.0.0/14 to the permanent block list.
60.199.198.242/15	60.199.198.242 in Taiwan Fixed Network CO.,LTD. (台灣大電訊) (TW) (2011.12.25-27) Malicious and huge ssh brute force attack (48 login attempts) focusing on the root password.
119.82.69.154/24	119.82.69.154 in Spectra ISP Networks Private Limited (IN) (2011.12.27) Malicious and huge ssh brute force attack (68 login attempts) focusing on the root password.
91.121.22.107/16	91.121.22.107 (ns39446.ovh.net = online.tixeo.com) in Tixeo in OVH SAS (FR) (2011.12.27) Malicious and huge http vulnerability probes (40 probes).
58.63.241.209/11+	58.63.241.209 (mail.noahedu.com) in noahedu.com (诺亚教育网) in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.12.27) Malicious and huge http vulnerability probes (409 probes). Add 58.30.0.0/15 and 58.32.0.0/11 to the permanent block list.
218.92.110.78/11+	218.92.110.78 in CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.12.27) Malicious and huge ssh brute force attack (40 login attempts) focusing on the root password. Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
118.102.181.4/17	118.102.181.4 (abs-static-4.181.102.118.aircel.co.in = www.bitmeerut.edu.in) in Bharat Institute of Technology Meerut in Dishnet Wireless Ltd, India (IN) (2011.12.27) Malicious and huge ssh brute force attack (2,466 login attempts).
91.121.14.134 91.121.103.150 91.121.16.91 91.121.148.216 91.121.100.52 91.121.153.61 91.121.74.103 91.121.15.91 91.121.160.160	They are http vulnerability probers in OVH SAS (40 probes each) (FR) (2011.12.23-27)
125.88.112.11/11+	125.88.112.11 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.12.26) Malicious and huge ssh brute force attack (119 and more login attempts) focusing on the root password. Add 125.61.128.0/17, 125.62.0.0/15, 125.64.0.0/11, 125.96.0.0/15 and 125.98.0.0/16 to the permanent block list.
88.191.152.141/11	88.191.152.141 (sd-33681.dedibox.fr) in Dedibox SAS in Free SAS / ProXad (FR) (2011.12.26) Malicious and huge ssh brute force attack (63 login attempts). The contact e-mail address abuse@support.dedibox.fr does not work because of '<abuse@support.dedibox.fr>: host support.dedibox.fr[88.191.254.4] said: 550 Error (in reply to RCPT TO command)' (2011.12.26) Add 88.160.0.0/11 to the permanent block list.
218.248.30.116/16	218.248.30.116 (www.stet.edu.in) in STET Group of Institution in Bharat Sanchar Nigam Limited (IN) (2011.12.26) Malicious and huge ssh brute force attack (958 login attempts) focusing on the root password. Add 218.248.0.0/16 to the permanent block list.
202.99.65.185/12+	202.99.65.185 in China Unicom Tianjin province network (中国联合通信有限公司天津分公司) in China Unicom (中国联通) (CN) (2011.12.24) Malicious and huge ssh brute force attack (1,227 and more login attempts). Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
119.188.7.185/12	The criminal 119.188.7.185 in the crimianls' netwoek China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2011.12.24) Malicious and huge ssh brute force attack (2 login attempts). This is the 5th attack by the criminal 119.188.7.185 since Nov 28 2011, Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2011.12.24, 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
211.154.154.238/12+	211.154.154.238 in China Motion Network Communication (潤迅通信) (CN) (2011.12.18-24) Malicious and huge ssh brute force attack (30 login attempts) focusing on the root password only. Add 211.136.0.0/13, 211.144.0.0/12 and 211.160.0.0/13 to the permanent block list.
218.108.224.87/15+	The criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2011.12.23) Malicious and huge ssh brute force attack (16 login attempts) focusing on the root password only. This is the 2nd attack by the criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China since Dec 19 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Dec 23 2011 and Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
94.127.67.223/21	94.127.67.223 (s094127067223.m.truevds.ru) in ServerSnab (СерверСнаб) in TrueVDS (RU) (2011.12.22) Malicious and huge ssh brute force attack (38 login attempts) focusing on the root password. Add 94.127.64.0/21 to the permanent block list.
66.214.211.218/15	66.214.211.218 (66-214-211-218.static.reno.nv.charter.com) in Charter Communications (US) (2011.12.22) Malicious and huge pop brute force attack (71 login attempts). We received a receipt from Charter Internet Security Team. (2011.12.22).
120.33.35.20/12+	120.33.35.20 in CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.12.21) Malicious and huge ssh brute force attack (107 login attempts). Add 120.30.0.0/15, 120.32.0.0/12 and 120.48.0.0/15 to the permanent block list.
64.60.195.27/16	64.60.195.27 (64-60-195-27.static-ip.telepacific.net = mail.nelsondavislaw.com) in Nelson Davis LLP in Telepacific Communications (US) (2011.12.21) Malicious and huge pop brute force attack (41 login attempts).
218.108.224.87/15+	The criminal 218.108.224.87 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2011.12.19) Malicious and huge ssh brute force attack (52 login attempts) focusing on the root password only. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.224.87 (Dec 19 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
217.78.33.139/20	217.78.33.139 (www2.hardstore.com) in HARDSTORE COM in DCS Shared Co-lo, Solna in Nano IT Services AB (SE) (2011.12.19) Malicious and huge ssh brute force attack (1,468 and more login attempts). We received a good response from Nano IT Services. (2011.12.19).
218.8.245.131/11	218.8.245.131 in China Unicom Heilongjiang province network (黑龙江联通) in China Unicom (中国联通) (CN) (2011.12.19) Malicious and huge ssh brute force attack (40 login attempts) focusing on the root passowrd. Add 218.0.0.0/11 to the permanent block list.
122.194.21.12/14+	122.194.21.12 in the criminals' heaven network China Unicom JiangSu province network (江苏联通) in CHINA UNICOM (中国联通) (CN) (2011.12.19) Malicious and huge ssh brute force attack (1,648 login attempts) focusing on the root password only. Add 122.188.0.0/14 and 122.192.0.0/14 to the permanent block list.
222.47.61.236/11+	222.47.61.236 in CHINA RAILWAY TELECOMMUNICATIONS CENTER (中国铁通) (CN) (2011.12.19) Malicious and huge ssh brute force attack (439 login attempts) focusing on the root password. Add 222.16.0.0/12, 222.32.0.0/11 and 222.64.0.0/11 to the permanent block list.
221.239.34.171/12+	The criminal 221.239.34.171 in CHINANET Tianjin province network (中国电信网上营业厅·天津) in CHINA TELECOM (中国电信集团公司) (CN) (2011.12.18) Malicious and huge ssh brute force attack (15 login attempts) focusing on the root passowrd only. This is the 3rd attack by the criminal 221.239.34.171 since Jul 5 2011 and Jun 15-22 2011. Add 221.192.0.0/11 and 221.224.0.0/12 to the permanent block list.
58.241.109.134/12	The crimianl 58.241.109.134 in the criminals' heaven network MengXiNetwork-Corp (ZhenJiang,JiangSu Province) in the criminals' heaven network China Unicom JiangSu province network (江苏联通) in CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2011.12.18) Malicious and huge ssh brute force attack (432 login attempts) focusing on the root password. This is the 3rd attack by the crimianl 58.241.109.134 since Dec 9 2011 and Dec 3 2011. Add 58.240.0.0/12 to the permanent block list.
218.69.248.24/11+	218.69.248.24 in China Unicom Tianjin province network (中国联合通信有限公司天津分公司) in China Unicom (中国联通) (CN) (2011.12.18) Malicious and huge ssh brute force attack (3 login attempts) focusing on the root password only. Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
114.255.40.1/11+	114.255.40.1 in Beijing University of Posts and Telecommunications (北京邮电大学) (CN) (2011.12.12-17) Malicious and huge ssh brute force attack (178 login attempts). Add 114.208.0.0/12 and 114.224.0.0/11 to the permanent block list.
58.68.227.58/17	58.68.227.58 in Beijing Blue I.T Technologies Co.,Ltd. (北京蓝汛(Chinacache)) (CN) (2011.12.17) Malicious and huge ssh brute force attack (178 login attempts). Add 58.68.128.0/17 to the permanent block list.
113.161.71.62/16	113.161.71.62 (mail.fcc0.com.vn = fcco.com.vn) in Phuc Co Ltd. in VietNam Post and Telecom Corporation (VNPT) (VN) (2011.12.17) Malicious and huge ssh brute force attack (150 and more login attempts) focusing on the root password only.
117.239.65.166/10	117.239.65.166 (mail.annatech.ac.in) in Anna University of Technology Chennai in Bharat Sanchar Nigam Limited (IN) (2011.12.17) Malicious and huge ssh brute force attack (357 login attempts). The contact e-mail address abuse@bsnl.in does not work because of '<abuse@bsnl.in>: host mx2.bsnl.in[218.248.240.205] said: 550 Recipient Suspended (in reply to RCPT TO command)' (2011.12.17) Add 117.192.0.0/10 to the permanent block list.
121.207.230.69/14	The criminals' host 121.207.230.69 in CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.11.17) Malicious and huge ssh brute force attack (74 login attempts) focusing on the root password only. This is the 2nd attack by the criminals' host 121.207.230.69 since Nov 1 2011. Add 121.204.0.0/14 to the permanent block list.
202.29.240.106/15	The criminals' host 202.29.240.106 in UniNet (Inter-university network) (TH) (2011.11.17) Malicious and huge ssh brute force attack (49 login attempts) focusing on the root passeord. This is the 2nd attack by the criminals' host 202.29.240.106 since Dec 2-5 2011. Add 202.28.0.0/15 to the permanent block list.
121.160.102.137/10	121.160.102.137 in Korea Telecom (KR) (2011.12.17) Malicious and huge http probes (85 probes). Add 121.128.0.0/10 to the permanent block list.
218.203.191.254/12	The criminal 218.203.191.254 in the criminal China Mobile Communications Corporation - gansu (甘肃移动) in China Mobile Communications Corporation (中国移动通信集团公司) in People's Republic of China. (CN) (2011.12.16) Malicious and huge ssh brute force attack (40 login attempts) focusing on the root password. This is the 4th attack by the criminal 218.203.191.254 since Dec 7 2011, Dec 4 2011 and Nov 29 2011. Add 218.192.0.0/12 to the permanent block list.
200.123.132.61/7	200.123.132.61 (customer-static-123-132-61.iplannetworks.net) in NSS S.A. in IPLAN (AR) (2011.12.16) Malicious and huge pop brute force attack (22 login attempts). Add 200.0.0.0/7 to the permanent block list.
190.17.206.18/8+	190.17.206.18 (18-206-17-190.fibertel.com.ar) in CABLEVISION S.A .in Fibertel (AR) (2011.12.16) Malicious and huge pop brute force attack (16 login attempts). Add 189.0.0.0/8 and 190.0.0.0/8 to the permanent block list.
123.31.2.155/15	123.31.2.155 in VietNam Data Communication Company (VDC) in VietNam Post and Telecom Corporation (VNPT) (VN) (2011.12.16) Malicious and huge ssh brute force attack (962 login attempts). Add 123.30.0.0/15 to the permanent block list.
118.97.82.146/24	The cirminals' host 118.97.82.146 (146.subnet118-97-82.static.astinet.telkom.net.id) in PT. TELKOM INDONESIA (ID) (2011.12.15) Malicious and huge ssh brute force attack (121 login attempts) focusing on the root password. This is the 2nd attack by the cirminals' host 118.97.82.146 (146.subnet118-97-82.static.astinet.telkom.net.id) since Nov 7 2011. Add 118.97.82.0/24 to the permanent block list.
112.215.11.169/16	The crimianls' host 112.215.11.169 in PT Excelcomindo Pratama (ID) (2011.12.15) Malicious and huge ssh brute force attack (117 login attempts). This is the 2nd attack by the crimianls' host 112.215.11.169 since Nov 7 2011. Add 112.215.0.0/16 to the permanent block list.
202.201.1.66/12	202.201.1.66 (job.lzu.edu.cn) (兰州大学学生就业服务网) in Lanzhou University (兰州大学) in CERNet: China Education and Research Network (中国教育和科研计算机网) (CN) (2011.12.15) Malicious and huge smtp auth attempts (244 login attempts). Add 202.192.0.0/12 to the permanent block list.
124.160.227.12/13	124.160.227.12 in China Unicom Zhejiang province network (浙江联通) in CHINA UNICOM (中国联通) (CN) (2011.12.14) Malicious and huge ssh brute force attack (62 and more login attempts). Add 124.160.0.0/13 to the permanent block list.
70.38.12.106/17	The criminal 70.38.12.106 in iWeb Technologies Inc. (CA) (2011.12.14) Malicious and huge ssh brute force attack (7 login attempts) focusing on the root password only. This is the 3rd attack by the criminal 70.38.12.106 since Dec 12 2011 and Dec 9-10 2011. Add 70.38.0.0/17 to the permanent block list.
212.116.162.134/19	212.116.162.134 (mail.diukenergy.com) in Mishkei in Golden Lines International Communication Services Ltd. (IL) (2011.12.14) Malicious and huge pop brute force attack (50 login attempts).
218.108.85.240/15+	The criminal 218.108.85.240 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2011.12.13) Malicious and huge ssh brute force attack (61 and more login attempts) focusing on the root password. This is the 8th attack by the criminal 218.108.85.240 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China. since Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 13 2011, Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 2010), and more and more criminals (before 2010) Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
31.169.86.32/19	The criminals' host 31.169.86.32 (lin3.xnet.com.tr = ip32.subnet86.netfactor.net.tr) in XNET in NetFactor Telekom (TR) (2011.12.13) Malicious and huge ssh brute force attack (63 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 31.169.86.32 (lin3.xnet.com.tr = ip32.subnet86.netfactor.net.tr) since Dec 10 2011. Add 31.169.64.0/19 to the permanent block list.
58.196.7.237/11	58.196.7.237 in CERNet: China Education and Research Network (中国教育和科研计算机网) (CN) (2011.12.13) Malicious and huge ssh brute force attack (36 and more login attempts) focusing on the root password only. Add 58.192.0.0/11 to the permanent block list.
123.49.34.10/18	123.49.34.10 in Islamic University of Technology in Bangladesh Telecommunications Company Ltd. (BD) (2011.12.13) Malicious and huge ssh brute force attack (40 and more login attempts) focusing on the root password.
202.99.248.2/12+	202.99.248.2 in InnerMengoliaHuhhutzhiyexueyuan in China Unicom Neimeng province network (内蒙古联通) in CHINA UNICOM (中国联通) (CN) (2011.12.13) Malicious and huge ssh brute force attack (720 and more login attempts) focusing on the root password only. Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
60.217.234.142/12+	The criminal 60.217.234.142 in China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) (CN) (2011.12.13) Malicious and huge ssh brute force attack (72 login attempts) focusing on the root password. This is the 4th attack by the criminal 60.217.234.142 since Apr 2 2011, Jan 18 2011 and Sep 16 2010. Add 60.200.0.0/13 and 60.208.0.0/12 to the permanent block list.
61.132.255.107/10	61.132.255.107 in CHINANET Anhui province network (中国电信股份有限公司安徽分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.12.13) Malicious and huge ssh brute force attack (144 login attempts) focusing on the root password. Add 61.128.0.0/10 to the permanent block list.
208.122.57.58/18	208.122.57.58 (annamaria.com) in Anna Maria Island Vacation Rentals in Voxel Dot Net, Inc. (US) (2011.12.12) Malicious and huge ssh sip connection attack (85 connection attempts).
202.96.199.150/12+	The criminal 202.96.199.150 in CHINANET shanghai province network (中国电信上海信息产业(集团)有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.12.12) Malicious and huge ssh brute force attack (12 login attempts) focusing on the root password only. This is the 7th attack by the criminal 202.96.199.150 since Jun 29 2011, Jan 19 2011, May 14 2010, May 1 2010, Oct 12 2009 and Feb 26 2009. Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
41.203.119.18/24	The criminal 41.203.119.18 in the criminal ICSL Network (NG) (2011.12.12) Malicious and huge ssh brute force attack (213 login attempts) focusing on the root password. This is the 8th attack by the criminal 41.203.119.18 since Dec 11 2011, Mar 23 2011, Mar 22 2011, Mar 19 2011, Mar 13 2011, Mar 12 2011 and Mar 10 2011. Add 41.203.119.0/24 to the permanent block list.
222.237.78.142/13	The criminals' host 222.237.78.142 (222-237-78-142.tongkni.co.kr = roadmarker.kr) in roadmarker.kr in tongkni (통큰아이) in the criminals' heaven netowrk SK Broadband Co Ltd (SK브로드밴드) in NATE (네이트) (NATE = Hanaro Telecom Inc.) (KR) (2011.12.12) Malicious and huge ssh brute force attack (181 and more login attempts). This is the 2nd attack by the criminals' host 222.237.78.142 (222-237-78-142.tongkni.co.kr = roadmarker.kr) since Sep 9 2011. Add 222.232.0.0/13 to the permanent block list.
61.145.118.190/10	The criminals' host 61.145.118.190 in shanghaiwangsukejigufenyouxiang in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.12.12) Malicious and huge ssh brute force attack (6 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 61.145.118.190 since May 13 2011. Add 61.128.0.0/10 to the permanent block list.
70.38.12.106/17	The criminals' host 70.38.12.106 in iWeb Technologies Inc. (CA) (2011.12.12) Malicious and huge ssh brute force attack (27 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 70.38.12.106 since Dec 9-10 2011. Add 70.38.0.0/17 to the permanent block list.
74.208.13.204/16	74.208.13.204 (u15413562.onlinehome-server.com) in 1&1 Internet Inc. (US) (2011.12.12) Malicious and huge ssh brute force attack (895 login attempts) focusing on the root password only.
178.18.19.173/22	178.18.16.102 in Netriplex-USA-20100611 in FiberMax Networks BV (US, NL) (2011.12.12) Malicious and huge ssh brute force attack (1,624 login attempts).
72.27.48.10/17+	72.27.48.10 in Cable and Wireless Jamaica (JM) (2011.12.12) Malicious and huge ssh brute force attack (927 login attempts) focusing on the root password.
116.18.95.112/12	116.18.95.112 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2011.12.11-12) Malicious and huge smtp auth attempts (46 login attempts). Add 116.16.0.0/12 to the permanent block list.
41.203.119.18/24	The criminal 41.203.119.18 in the criminal ICSL Network (NG) (2011.12.11) Malicious and huge ssh brute force attack (1 login attempts) focusing on the root password. This is the 7th attack by the criminal 41.203.119.18 since Mar 23 2011, Mar 22 2011, Mar 19 2011, Mar 13 2011, Mar 12 2011 and Mar 10 2011. Add 41.203.119.0/24 to the permanent block list.
178.18.16.102/22	178.18.16.102 in Netriplex-USA-20100611 in FiberMax Networks BV (US, NL) (2011.12.11) Malicious and huge ssh brute force attack (50 login attempts) focusing on the root password.
91.211.52.53/22+	91.211.52.53 in Buko Ltd (MK-NET) (RU) (2011.12.11) Malicious and huge ssh brute force attack (26 login attempts) focusing on the root password only. Add 91.211.52.0/22, 91.211.56.0/21 and 91.211.64.0/22 to the permanent block list.
31.169.86.32/19	31.169.86.32 (lin3.xnet.com.tr = ip32.subnet86.netfactor.net.tr) in XNET in NetFactor Telekom (TR) (2011.12.10) Malicious and huge ssh brute force attack (66 login attempts) focusing on the root password. Add 31.169.64.0/19 to the permanent block list.
212.24.47.68/10	212.24.47.68 in EVRONOVOSTI-U in CARAVAN-TELECOM (Караван) (RU) (2011.12.10) Malicious and huge pop brute force attack (135 login attempts). Add 212.24.32.0/19 to the permanent block list.
123.178.189.139/15+	123.178.189.139 (中国庆华邮件系统) in CHINA KINGHO (中国庆华集团) in CHINANET neimeng province network (中国电信股份有限公司内蒙古分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.12.4-5, mail error 2011.12.10) Malicious and huge ssh brute force attack (148 login attempts) focusing on the root password. The contact e-mail address abuse@nmgtele.com does not work because of 'abuse@nmgtele.com - connect to nmgtele.com[199.59.241.243]: Connection timed out.' (2011.12.10) Add 123.177.0.0/16, 123.178.0.0/15, 123.180.0.0/14 and 123.184.0.0/13 to the permanent block list.
125.64.94.251/11+	125.64.94.251 in CHINANET Sichuan province network (中国电信四川有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.12.10) Malicious and huge ssh brute force attack (462 login attempts) focusing on the root password. Add 125.61.128.0/17, 125.62.0.0/15, 125.64.0.0/11, 125.96.0.0/15 and 125.98.0.0/16 to the permanent block list.
70.38.12.106/17	70.38.12.106 in iWeb Technologies Inc. (CA) (2011.12.9-10) Malicious and huge ssh brute force attack (46 login attempts) focusing on the root password. Add 70.38.0.0/17 to the permanent block list.
218.108.85.252/15+	218.108.85.252 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2011.12.9) Malicious and huge ssh brute force attack (122 login attempts) focusing on the root password. And many criminals live in WASU TV & Communication Holding Co.,Ltd. (华数TV) : 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.85.240 (Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.241 (Jul 23 2011), 218.108.85.244 (May 23 2010), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.252 (Dec 9 2011), 218.108.230.103 (May 2 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.247.153 (Jul 30 2011), 218.108.248.123 (Jan 7 2010) and more and more criminals (before 2010), 218.108.248.119 (May 13 2011), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 200) Add 125.210.0.0/15, 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
188.95.159.120/24	188.95.159.120 in Tavria Host Network (Gennady Mihajlov, Shorsa str., 2, Nikopol) in UAIP (UA) (2011.12.9) Malicious and huge pop brute force attack (730 login attempts). No contact email address. Many malicious web pages seem to be in Tavria Host. Add 188.95.152.0/24 to the permanent block list.
58.241.109.134/12	The crimianls' host 58.241.109.134 in MengXiNetwork-Corp (ZhenJiang,JiangSu Province) in China Unicom JiangSu province network (江苏联通) in CHINA UNICOM (中国联通) (CN) (2011.12.9) Malicious and huge ssh brute force attack (432 login attempts) focusing on the root password. This is the 2nd attack by the crimianls' host 58.241.109.134 since Dec 3 2011. Add 58.240.0.0/12 to the permanent block list.
58.241.109.134/12	58.241.109.134 in MengXiNetwork-Corp in China Unicom JiangSu province network (江苏联通) in CHINA UNICOM (中国联通) (CN) (2011.12.3, mail error 2011.12.8) Malicious and huge ssh brute force attack (62 login attempts) focusing on the root password. The contact e-mail address ll@jsnetcom.com does not work because of '<ll@jsnetcom.com>: Name service error for jsnetcom.com: Host not found, try again' (2011.12.8) Add 58.240.0.0/12 to the permanent block list.
188.124.44.13/19	188.124.44.13 (host-188.124.44.13.transmedia.su) in KS Telecom, Co.,Ltd (lane, Moscow, Russia, 115547) (RU) (2011.12.8) Malicious and huge ssh brute force attack (627 login attempts). Add 188.124.32.0/19 to the permanent block list.
218.108.85.240/15+	The criminal 218.108.85.240 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2011.12.8) Malicious and huge ssh brute force attack (11 login attempts) focusing on the root password only. This is the 7th attack by the criminal 218.108.85.240 in the criminal WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China. since Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.85.240 (Dec 8 2011, Nov 26 2011, Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011), 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.241 (Jul 23 2011), 218.108.247.153 (Jul 30 2011), 218.108.248.119 (May 13 2011), 218.108.230.103 (May 2 2011), 218.108.0.70 (Jan 20 2011), 218.108.63.210 (Dec 31 2011), 218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010), 218.108.85.244 (May 23 2010), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 200), 125.210.34.228 (Mar 6 2010 and Dec 10 2009), 218.108.248.123 (Jan 7 2010) and more and more criminals (before 2010). The contact e-mail address allon@chinahcn.com does not work because of '<allon@chinahcn.com> and <fengtao@chinahcn.com>: connect to smg.chinahcn.com[218.108.250.184]: Connection timed out' (2011.12.1) Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
116.4.52.48/14+	116.4.52.48 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2011.12.8) Malicious and huge smtp auth attempts (51 login attempts). Add 116.1.0.0/16, 116.2.0.0/15, 116.4.0.0/14 and 116.8.0.0/14 to the permanent block list.
218.203.191.254/12	The criminal 218.203.191.254 in the criminal China Mobile Communications Corporation - gansu (甘肃移动) in China Mobile Communications Corporation (中国移动通信集团公司) (CN) (2011.12.7) Malicious and huge ssh brute force attack (40 login attempts) focusing on the root password. This is the 3rd attack by the criminal 218.203.191.254 since Dec 4 2011 and Nov 29 2011. The contact e-mail address zjf780211@chinaren.com does not work because of '<zjf780211@chinaren.com>: host mx.chinaren.com[61.135.132.112] said: 550 5.1.1 <zjf780211@chinaren.com>: Recipient address rejected: User unknown in local recipient table (in reply to RCPT TO command)' (2011.12.7) Add 218.192.0.0/12 to the permanent block list.
218.239.130.77/13	218.239.130.77 in SK Broadband Co Ltd (SK브로드밴드) in NATE (네이트) (NATE = Hanaro Telecom Inc.) (KR) (2011.12.7) Malicious and huge pop brute force attack (34 login attempts) focusing on the 'windows' user. Add 218.232.0.0/13 to the permanent block list.
203.251.93.5/11	203.251.93.5 (mail.tc.co.kr) in TC (taechangcheolgang(ju)) in Korea Telecom (KR) (2011.12.6) Malicious and huge ssh brute force attack (627 login attempts). Add 203.224.0.0/11 to the permanent block list.
124.160.227.16/13	124.160.227.16 in China Unicom Zhejiang province network (浙江联通) in CHINA UNICOM (中国联通) (CN) (2011.12.6) Malicious and huge ssh brute force attack (202 login attempts). Add 124.160.0.0/13 to the permanent block list.
202.29.240.106/15	202.29.240.106 in UniNet (Inter-university network) (TH) (2011.12.2-5) Malicious and huge ssh brute force attack (30 login attempts) focusing on the root passeord. Add 202.28.0.0/15 to the permanent block list.
67.215.53.204/20	67.215.53.204 (mx.solvingit.ca = iphost-67-215-53-204.wpg.wiband.net) in SolvingIT in WiBand Communications (CA) (2011.12.4) Malicious and huge ssh brute force attack (273 login attempts) focusing on the root password.
117.111.183.67/15	117.111.183.67 (www.wangun.ms.kr) in www.wangun.ms.kr (왕운중학교) in the criminals' heaven network DACOM-PUBNETPLUS (LG U+ 국가정보통신서비스) in LG유플러스 (KR) (2011.12.4) Malicious and huge ssh brute force attack (261 login attempts). This is the 2nd attack by 117.111.183.67 (www.wangun.ms.kr) since Oct 8 2011. The contact e-mail address scan1984@bora.net expanded from security@bora.net does not work because of 'Sorry, no mailbox here by that name.' (2011.12.5) And the contact e-mail address franc3sco@bora.net expanded from security@bora.net does not work because of 'Recipient's maiilbox is full, message returned to sender, (#5.2.2) [5mtot_quota:(314572800), use_quota:(316389696), msg_size:(133711), send_flag(0)' (2011.12.5) Add 117.110.0.0/15 to the permanent block list.
218.203.191.254/12	The criminals' host 218.203.191.254 in the criminals' network China Mobile Communications Corporation - gansu (甘肃移动) in China Mobile Communications Corporation (中国移动通信集团公司) (CN) (2011.12.4) Malicious and huge ssh brute force attack (40 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 218.203.191.254 since Nov 29 2011. The contact e-mail address zjf780211@chinaren.com does not work because of '<zjf780211@chinaren.com>: host mx.chinaren.com[61.135.132.112] said: 550 5.1.1 <zjf780211@chinaren.com>: Recipient address rejected: User unknown in local recipient table (in reply to RCPT TO command)' (2011.12.4) Add 218.192.0.0/12 to the permanent block list.
218.108.85.240/15+	The criminal 218.108.85.240 in the criminals' company WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2011.11.26, mail error 2911.12.1) Malicious and huge ssh brute force attack (11 login attempts) focusing on the root password only. This is the 6th attack by the criminal 218.108.85.240 in the criminals' company WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China. since Nov 25 2011, Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.241 (Jul 23 2011), 218.108.247.153 (Jul 30 2011), 218.108.248.119 (May 13 2011), 218.108.230.103 (May 2 2011), 218.108.0.70 (Jan 20 2011),218.108.63.210 (Dec 31 2011),218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010),218.108.85.244 (May 23 2010), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 200), 125.210.34.228 (Mar 6 2010 and Dec 10 2009), 218.108.248.123 (Jan 7 2010) and more and more criminals (before 2010). The contact e-mail address allon@chinahcn.com does not work because of '<allon@chinahcn.com> and <fengtao@chinahcn.com>: connect to smg.chinahcn.com[218.108.250.184]: Connection timed out' (2011.12.1) Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
218.174.173.245/12	218.174.173.245 (218-174-173-245.dynamic.hinet.net) in CHTD, Chunghwa Telecom Co.,Ltd. (TW) (2011.12.1) Malicious and huge pop brute force attack (152 and more login attempts). We received an automatic receipt from HiNet Security Operation Center. (2011.12.1). We received a report from HiNet Security Operation Center. (2011.12.1).
218.38.12.92/14	218.38.12.92 (218-38-12-92.youiwe.co.kr) in NUNAURI.COM (너나우리) in SK Broadband Co Ltd (SK브로드밴드) in NATE (네이트) (NATE = Hanaro Telecom Inc.) (KR) (2011.12.1) Malicious and huge ssh brute force attack (627 login attempts). Add 218.36.0.0/14 to the permanent block list.
202.121.166.203/15+	The criminals' host 202.121.166.203 in East China University Of Politics And Law (华东政法大学) in CERNet: China Education and Research Network (中国教育和科研计算机网) in People's Republic of China. (CN) (2011.11.30) Malicious and huge ssh brute force attack (1 login attempts). This is the 2nd attack by the criminals' host 202.121.166.203 since Nov 7 2011. Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
119.188.7.196/12	119.188.7.196 in the crimianls' heaven netwoek China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2011.11.30) Malicious and huge ssh brute force attack (324 login attempts) focusing on the root password. Many criminals live in 119.188.7.* block ( 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.185 in 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29, 119.188.7.196 in 2011.11.30, .) Add 119.176.0.0/12 to the permanent block list.
202.65.11.8/23	202.65.11.8 in MGH Infotech Ltd. (BD) (2011.11.30) Malicious and huge ssh brute force attack (93 login attempts) focusing on the root password.
202.29.86.12/15	The cirminal 202.29.86.12 (student.mbu.ac.th) in Mahamakut Buddhist University (มหาวิทยาลัยมหามกุฏราชวิทยาลัย) in UniNet (Inter-university network) (TH) (2011.11.30) Malicious and huge ssh brute force attack (609 and more login attempts). This is the 5th attack by the cirminal 202.29.86.12 in UniNet (Inter-university network) since Oct 28 2011, Sep 18 2011, Jul 18 2011 and Jun 29 2011. Add 202.28.0.0/15 to the permanent block list.
61.184.101.46/10	61.184.101.46 in CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.11.29) Malicious and huge ssh brute force attack (55 login attempts). This is the 2nd attack by 61.184.101.46 since Nov 14 2009. Add 61.128.0.0/10 to the permanent block list.
118.217.12.34/13	The criminals' host 118.217.12.34 in SK Broadband Co Ltd (SK브로드밴드) in NATE (네이트) (NATE = Hanaro Telecom Inc.) (KR) (2011.11.29) Malicious and huge ssh brute force attack (481 login attempts). This is the 2nd attack by the criminals' host 118.217.12.34 since Aug 28 2011. Add 118.216.0.0/13 to the permanent block list.
218.203.191.254/12	218.203.191.254 in the criminals' heaven network China Mobile Communications Corporation - gansu (甘肃移动) in China Mobile Communications Corporation (中国移动通信集团公司) (CN) (2011.11.29) Malicious and huge ssh brute force attack (40 login attempts) focusing on the root password. The contact e-mail address zjf780211@chinaren.com does not work because of '<zjf780211@chinaren.com>: host mx.chinaren.com[61.135.132.112] said: 550 5.1.1 <zjf780211@chinaren.com>: Recipient address rejected: User unknown in local recipient table (in reply to RCPT TO command)' (2011.11.29) Add 218.192.0.0/12 to the permanent block list.
77.235.202.227/19	77.235.202.227 (227.202.krasnoyarsk.ptl.ru) in Krasnoyarsk in the criminals' heaven network Quantum Communications (RU) (2011.11.29) Malicious and huge pop brute force attack (571 login attempts). The contact e-mail address admin@ptl.ru does not work because of '<admin@ptl.ru>: host relay.quantum.ru[213.170.64.34] said: 554 5.7.1 Service unavailable; Client host [w.x.y.z] blocked using jp.countries.nerd.dk; Your IP is in jp, rejected based on geographical location (in reply to RCPT TO command)' (2011.11.29) And the contact e-mail address pas@ptl.ru does not work because of '<pas@ptl.ru>: host relay.quantum.ru[213.170.64.34] said: 554 5.7.1 Service unavailable; Client host [w.x.y.z] blocked using jp.countries.nerd.dk; Your IP is in jp, rejected based on geographical location (in reply to RCPT TO command)' (2011.11.29) Add 77.235.192.0/19 to the permanent block list. And add 213.170.64.0/18 to the permanent block list.
74.63.246.222/18	74.63.246.222 (222-246-63-74.servebyte.net) in Limestone Networks, Inc. (US) (2011.11.28-29) Malicious and huge pop brute force attack (181 login attempts).
119.188.7.185/12	The criminal 119.188.7.185 in the crimianls' heaven netwoek China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2011.11.28) Malicious and huge ssh brute force attack (15 login attempts). This is the 4th attack by the criminals' host 119.188.7.185 since Nov 26 2011, Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block (119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.185 in 2011.11.28, 2011.11.26, 2011.11.24 and 2011.9.8-29 .) Add 119.176.0.0/12 to the permanent block list.
119.188.7.158/12	119.188.7.158 in the crimianls' heaven netwoek China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2011.11.28) Malicious and huge pop brute force attack (637 login attempts). Many criminals live in 119.188.7.* block (119.188.7.158 in 2011.11.28, 119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.185 in 2011.11.26, 2011.11.24 and 2011.9.8-29.) Add 119.176.0.0/12 to the permanent block list.
212.43.245.234/18	212.43.245.234 (clara4.infotronique-online.com) in Claranet France (FR) (2011.11.27) Malicious and huge smtp auth attempts (60 login attempts).
218.22.211.69/11	218.22.211.69 in CHINANET Anhui province network (中国电信股份有限公司安徽分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.11,27) Malicious and huge ssh brute force attack (56 login attempts) focusing on the root password only. Add 218.0.0.0/11 to the permanent block list.
115.95.56.181/13	115.95.56.181 in BORANET- LG DACOM Corporation (LG유플러스) (KR) (2011.11.27) Malicious and huge ssh brute force attack (30 login attempts) focusing on the root password. Add 115.88.0.0/13 to the permanent block list.
211.170.127.173/13+	211.170.127.173 (java.gbtec.co.kr) in BORANET- LG DACOM Corporation (LG유플러스) (KR) (2011.11.26) Malicious and huge http probes (286 probes). Add 211.168.0.0/13, 211.176.0.0/12 and 211.192.0.0/10 to the permanent block list.
218.106.117.59/14	218.106.117.59 in yate-business-mansion (shaoxing city,zhejiang province) in CNC Group CHINA169 Hubei Province Network in China Unicom Hubei province network (湖北联通) in China Unicom (中国联通) (CN) (2011.11.26) Malicious and huge ssh brute force attack (58 and more login attempts) focusing on the root password only. Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
208.93.117.62/21	208.93.117.62 (tph-ws-iws4.mebyu.net) in TULIP SYSTEMS, INC. (US) (2011.11.26) Malicious and huge ssh brute force attack (126 login attempts).
202.14.9.23/21	202.14.9.23 in KDDI SINGAPORE PTE LTD (SG) (2011.11.26) Malicious and huge ssh brute force attack (324 login attempts) focusing on the root password only. We received a receipt and report from KDDI Singapore Helpdesk. (2011.11.26).
119.188.7.185/12	The criminal 119.188.7.185 in the crimianls' heaven netwoek China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) in People's Republic of China. (CN) (2011.11.26) Malicious and huge ssh brute force attack (15 login attempts). This is the 3rd attack by the criminals' host 119.188.7.185 since Nov 24 2011 and Sep 8-29 2011. Many criminals live in 119.188.7.* block (119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.185 in 2011.9.8-29 and 2011.11.24.) Add 119.176.0.0/12 to the permanent block list.
218.236.90.100/13	218.236.90.100 in SK Broadband Co Ltd (SK브로드밴드) in NATE (네이트) (NATE = Hanaro Telecom Inc.) (KR) (2011.11.26) Malicious and huge smtp relay attempts (29 and more login attempts). Add 218.232.0.0/13 to the permanent block list.
180.74.91.151/14	180.74.91.151 in Packet One Networks (M) Sdn (MY) (2011.11.25) Malicious and huge pop brute force attack (52 login attempts).
218.108.85.240/15+	The criminal 218.108.85.240 in the criminals' company WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Xianlong Zeng, allon@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958852, fax-no:+86-0571-85214455 / Tao Feng, fengtao@chinahcn.com, No.9 ShuGuang Road,HangZhou City,ZheJiang Province, phone:+86-0571-28958888-8108, fax-no:+86-0571-85214455) in People's Republic of China. (CN) (2011.11.25) Malicious and huge ssh brute force attack (99 login attempts) focusing on the root password. This is the 5th attack by the criminal 218.108.85.240 in the criminals' company WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China. since Nov 20 2011, Oct 16 2011, Oct 12 2011 and Sep 18-30 2011. And many criminals live in WASU TV & Communication Holding Co.,Ltd. network : 218.108.85.251 (Nov 8 2011, Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice) , Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice)), 218.108.85.241 (Jul 23 2011), 218.108.247.153 (Jul 30 2011), 218.108.248.119 (May 13 2011), 218.108.230.103 (May 2 2011), 218.108.0.70 (Jan 20 2011),218.108.63.210 (Dec 31 2011),218.108.231.34 (Nov 22 2010), 218.108.235.86 (Sep 17 2010),218.108.85.244 (May 23 2010), 125.210.34.228 (Apr 20 2010, Apr 26 2010, Mar 6 2010 and Dec 10 2009), 125.210.253.164 (Mar 20 2010 and Oct 12 200), 125.210.34.228 (Mar 6 2010 and Dec 10 2009), 218.108.248.123 (Jan 7 2010) and more and more criminals (before 2010). Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
119.188.7.185/12	The criminals' host 119.188.7.185 in China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) (CN) (2011.11.24) Malicious and huge ssh brute force attack (15 login attempts). This is the 2nd attack by the criminals' host 119.188.7.185 since Sep 8-29 2011. Many criminals live in 119.188.7.* block (119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.185 in 2011.9.8-29 and 2011.11.24.) Add 119.176.0.0/12 to the permanent block list.
218.61.205.4/13+	218.61.205.4 in China Unicom Liaoning province network (中国联合网络通信有限公司辽宁省分公司) in China Unicom (中国联通) (CN) (2011.11.5-24) Malicious and huge ssh brute force attack (334 login attempts) focusing on the root password only. Add 218.56.0.0/13,218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
210.114.55.35/11+	210.114.55.35 (pppd210-114-55-35.hitel.net) in KTHitel Co., Ltd. (파란) in Korea Telecom (KR) (2011.11,23) Malicious and huge ssh brute force attack (50 login attempts). Add 210.90.0.0/15, 210.92.0.0/14 and 210.96.0.0/11 to the permanent block list.
218.174.170.197/12	218.174.170.197 (218-174-170-197.dynamic.hinet.net) in CHTD, Chunghwa Telecom Co.,Ltd. (TW) (2011.11.23) Malicious and huge pop brute force attack (63 and more login attempts). We received an automatic receipt from HiNet Security Operation Center. (2011.11.23). We received a report from HiNet Security Operation Center. (2011.11.24).
14.63.242.182/11+	14.63.242.182 in Korea Telecom (KR) (2011.11,23) Malicious and huge ssh brute force attack (67 and more login attempts). Add 14.32.0.0/11 and 14.64.0.0/11 to the permanent block list.
210.115.62.120/11+	210.115.62.120 (social.kangwon.ac.kr) in College of Social Science (강원대학교 사회과학대학) in Kangwon National University (강원대학교) in Korean Education Network (KR) (2011.11,23) Malicious and huge ssh brute force attack (42 login attempts) focusing on the root password. Add 210.90.0.0/15, 210.92.0.0/14 and 210.96.0.0/11 to the permanent block list.
94.193.109.49/14	94.193.109.49 (94-193-109-49.zone7.bethere.co.uk) in Be Broadband in O2 Broadband (GB) (2011.11.23) Malicious and huge ssh brute force attack (151 login attempts) focusing on the root password.
31.170.106.26/21	31.170.106.26 (de.miramo.net) in Bradler & Krantz GmbH & Co. KG (DE) (2011.11.23) Malicious and huge ssh brute force attack (86 login attempts) focusing on the root password. We received an automatic receipt from Bradler & Krantz GmbH & Co. KG. (2011.11.23).
218.231.59.52/20	218.231.59.52 (client1052.awaikeda.com) in Ikeda Town Office / Ikeda Cable Network in STNet, Incorporated (JP) (2011.11.23) Malicious and huge pop brute force attack (297 and more login attempts).
41.252.26.127/14	41.252.26.127 in Libyan Telecom and Technology (ليبيا للاتصالات و التقنية) (LY) (2011.11.22) Malicious and huge smtp relay attempts (20 attempts).
222.186.29.69/12+	222.186.29.69 in CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.11,22) Malicious and huge ssh brute force attack (44 login attempts) focusing on the root password only. This is the 2nd attack by 222.186.29.69 since Nov 18 2011. Add 222.168.0.0/13, 222.176.0.0/12 and 222.192.0.0/11 to the permanent block list.
218.93.205.205/11+	218.93.205.205 in CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.11.22) Malicious and huge ssh brute force attack (2 login attempts) focusing on the root password only. This is the 2nd attack by 218.93.205.205 since Sep 10 2010. Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
125.93.150.10/11+	125.93.150.10 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2011.11.20) Malicious and huge smtp auth attempts (51 login attempts). Add 125.61.128.0/17, 125.62.0.0/15, 125.64.0.0/11, 125.96.0.0/15 and 125.98.0.0/16 to the permanent block list.
218.108.85.240/15+	The criminal 218.108.85.240 in the criminals' company WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China. (CN) (2011.11.20) Malicious and huge ssh brute force attack (3 login attempts) focusing on the root password only. This is the 4th attack by the criminal 218.108.85.240 in the criminals' company WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China. since Oct 16 2011, Oct 12 2011 and Sep 18-30 2011. Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
91.230.111.80/24	91.230.111.80 in ATVASITE (LV) (2011.11.20) Malicious and huge ssh brute force attack (58 login attempts) focusing on the root password.
218.219.147.46/29	218.219.147.46 in Flect Co., Ltd. in EditNet, Inc (JP) (2011.11.19) Malicious and huge ssh brute force attack (90 login attempts) focusing on the root password.
41.189.17.118/19	41.189.17.118 in SWIFT NETWORKS LIMITED (NG) (2011.11.19) Malicious and huge ssh brute force attack (6,622 login attempts).
84.38.67.99/20	84.38.67.99 (vpn.boerse.bz) in ispOne business GmbH (DE) (2011.11.19) Malicious and huge ssh brute force attack (41 login attempts) focusing on the root password.
91.231.140.120/24	91.231.140.120 in Integradesign (PL) (2011.11.18) Malicious and huge ssh brute force attack (41 login attempts) focusing on the root password.
213.229.124.66/18	213.229.124.66 (213-229-124-66.static.as29550.net) in Simply Transit Ltd (GB) (2011.11.18) Malicious and huge ssh brute force attack (75 and more login attempts) This is the 2nd attack by 213.229.124.66 since Nov 17 2011.
207.225.51.214/15	207.225.51.214 (anslabel.com) in anslabel.com in Qwest Communications Company, LLC (US) (2011.11.16-18) Malicious and huge pop brute force attack (182 and more login attempts). We received an automatic receipt from Qwest Managed Security Services. (2011.11.18).
222.186.29.69/12+	222.186.29.69 in CHINANET jiangsu province network (江苏省公用信息有限公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.11,18) Malicious and huge ssh brute force attack (33 login attempts) focusing on the root password only. Add 222.168.0.0/13, 222.176.0.0/12 and 222.192.0.0/11 to the permanent block list.
67.205.89.151/18	67.205.89.151 (cl-t070-192cl.privatedns.com) in iWeb Technologies Inc. (CA) (2011.11.17) Malicious and huge ssh sip connection attack (85 connection attempts). Add 67.205.64.0/18 to the permanent block list.
213.229.124.66/18	213.229.124.66 (213-229-124-66.static.as29550.net) in Simply Transit Ltd (GB) (2011.11.17) Malicious and huge ssh brute force attack (3,147 login attempts) focusing on the root password.
46.167.171.12/24	46.167.171.12 (s192.ds-siegen.de) in DS Computer Service (DE) (2011.11.16) Malicious and huge ssh brute force attack (184 login attempts) focusing oj the root password only.
32.64.8.196/8	32.64.8.196 (VM032064008196.attcompute.com) in AT&T Global Network Services, LLC (US) (2011.11.16) Malicious and huge ssh brute force attack (627 login attempts) We received an automatic receipt from AT&T Internet Services Security Center. (2011.11.17).
218.69.106.52/11+	218.69.106.52 (www.tjsu.cn) in Tianjin Heping District Xinhua Worker University (天津市院校高层人才) in China Unicom Tianjin province network (中国联合通信有限公司天津分公司) in China Unicom (中国联通) in People's Republic of China. (CN) (2011.11.15) Malicious and huge ssh brute force attack (3 login attempts) focusing on the root password only. This is the 5th attack by 218.69.106.52 since Dec 30 2010, Nov 24 2010, Nov 22 2010 and Aug 12 2010. Add 218.56.0.0/13, 218.64.0.0/11 and 218.96.0.0/14 to the permanent block list.
119.188.7.162/12	119.188.7.162 in China Unicom Shandong province network (中国联合网络通信有限公司山东省分公司) in CHINA UNICOM (中国联通) (CN) (2011.11.15) Malicious and huge ssh brute force attack (60 login attempts). Many criminals live in 119.188.7.* block (119.188.7.159 in 2010.7.17, 119.188.7.175 in 2011.1.23, 119.188.7.153 in 2011.2.10 and 2011.3.8, 119.188.7.185 in 2011.9.8-11.) Add 119.176.0.0/12 to the permanent block list.
121.13.54.219/13+	121.13.54.219 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2011.11,14) Malicious and huge smtp auth attempts (51 login attempts). Add 121.8.0.0/13, 121.16.0.0/12, 121.32.0.0/13 and 121.40.0.0/14 to the permanent block list.
112.14.62.4/10+	112.14.62.4 in China Mobile Communications Corporation (中国移动通信集团公司) (CN) (2011.11.14) Malicious and huge ssh brute force attack (102 login attempts) focusing on the root password only. Add 112.0.0.0/10 and 112.64.0.0/14 to the permanent block list.
85.95.227.169/19	The criminal 85.95.227.169 (ip227.169.onofis.com) in the criminals' heaven network ONOFIS internet Servisleri-IZMIR (TR) (2011.11.13) Malicious and huge ssh brute force attack (324 login attempts) focusing on the root password only. This is the 3rd attack by the criminal 85.95.227.169 (ip227.169.onofis.com) since Nov 5 2011, Oct 15 2011. Add 85.95.224.0/19 to the permanent block list.
180.37.77.83/17	180.37.77.83 (180037077083.bhb.bizhosting.net) in Open Computer Network (JP) (2011.11.13) Malicious and huge pop brute force attack (42 login attempts).
218.108.85.251/15+	The criminal 218.108.85.251 in the criminals' company WASU TV & Communication Holding Co.,Ltd. (华数TV) (6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou, Zhejiang province, P.R.China 310012, CN / Administrator, Technical contact) in People's Republic of China. (CN) (2011.11.8, mail error 2011.11.13) Malicious and huge ssh brute force attack (23 login attempts) focusing on the root password only. This is the 13th attack by the criminal 218.108.85.251 in the criminals' company WASU TV & Communication Holding Co.,Ltd. (华数TV) in People's Republic of China since Oct 17 2011, Oct 15 2011, Oct 14 2011 (twice), Oct 13 2011 (twice), Sep 5 2011, Jul 31 2011, Jul 10 2011, Jul 9 2011 and Jul 8 2011 (twice). The contact e-mail address allon@chinahcn.com does not work because of '<allon@chinahcn.com> and <fengtao@chinahcn.com>: connect to smg.chinahcn.com[218.108.250.184]: Connection timed out' (2011.11.13) Add 218.104.0.0/14 and 218.108.0.0/15 to the permanent block list.
184.7.102.216/13	184.7.102.216 (tx-184-7-102-216.dhcp.embarqhsd.net) in Embarq Corporation (US) (2011.11.12) Malicious and huge ssh brute force attack (85 login attempts) focusing on the root password only.
180.210.207.102/27	180.210.207.102 (102.207.210.180.ds.sparkstation.net) in SPARKSTATION PTE LTD (SG) (2011.11.12) Malicious and huge ssh brute force attack (627 login attempts). We received an automatic receipt from Sparkstation Pte Ltd. (2011.11.12). We received a report from Sparkstation Pte Ltd. (2011.11.12).
70.84.7.250/14	70.84.7.250 (bigbluehost4.com = hardsoft.kib.com.mx) in hardsoft.kib.com.mx in Big Blue Host in ThePlanet.com Internet Services, Inc. (US) (2011.11.12) Malicious and huge ssh brute force attack (520 login attempts) focusing on the root password only.
75.147.51.222/18	75.147.51.222 (75-147-51-222-NewEngland.hfc.comcastbusiness.net) in Comcast Business Communications, LLC (US) (2011.11.11) Malicious and huge pop brute force attack (75 and more login attempts).
216.152.175.133/20	216.152.175.133 in United Telecommunication Services (AN) (2011.11.11) Malicious and huge ssh brute force attack (42 and more login attempts) focusing on the root password only. Add 216.152.160.0/20 to the permanent block list.
121.242.81.2/13	The criminals' host 121.242.81.2 in TATA Communications (VSNL) (IN) (2011.11.10) Malicious and huge ssh brute force attack (34 and more login attempts)focusing on the root password only. This is the 2nd attack by the criminals' host 121.242.81.2 since Nov 10 2011 (today). Add 121.240.0.0/13 to the permanent block list.
210.0.255.169/17	210.0.255.169 in Hutchison Global Communications (HK) (2011.11.10) Malicious and huge ssh brute force attack (120 login attempts) focusing on the root password. We received an automatic receipt from Hutchison Global Communications. (2011.11.10). Add 210.0.128.0/17 to the permanent block list.
121.242.81.2/13	121.242.81.2 in TATA Communications (VSNL) (IN) (2011.11.10) Malicious and huge ssh brute force attack (95 login attempts). Add 121.240.0.0/13 to the permanent block list.
218.149.84.37/12	218.149.84.37 (www.38tree.com) in 38tree.com (상록수신문) in Korea Telecom (KR) (2011.11.8) Malicious and huge http probes (86 probes). Add 218.144.0.0/12 to the permanent block list.
12.27.222.21 24.111.1.78 60.240.231.246 61.19.252.236 61.30.74.46 62.148.83.29 62.161.44.45 62.183.105.164 62.225.155.90 62.33.217.1 62.48.206.80 62.48.74.126 64.117.46.243 64.251.14.116 65.161.248.26 65.70.247.20 65.82.69.5 67.201.14.50 67.55.95.132 68.78.199.247 69.7.197.98 70.84.233.162 72.252.248.111 74.189.117.98 74.52.42.194 77.93.1.115 78.131.55.172 78.142.42.42 78.158.28.199 78.228.182.141 79.4.167.152 79.48.7.10 80.24.95.85 80.26.69.233 81.169.165.138 81.252.31.172 81.29.76.93 81.56.57.50 81.92.159.194 82.104.224.145 82.112.204.18 82.130.143.216 82.193.36.98 82.85.95.20 83.103.59.130 83.139.194.70 85.10.204.194 85.132.139.26 85.18.206.228 85.185.180.48 85.214.135.190 85.214.50.91 85.22.60.6 85.88.195.34 85.88.195.35 87.105.187.194 87.106.101.139 87.229.7.163 87.242.99.166 88.149.159.194 88.40.179.242 88.57.43.176 89.111.185.156 89.111.185.193 89.208.95.130 89.96.201.32 89.97.247.147 91.103.30.98 91.191.170.146 91.199.58.26 93.84.116.216 94.127.67.61 99.13.226.154 118.97.50.11 122.115.35.242 122.255.96.163 122.255.96.164 122.255.96.45 123.100.77.67 151.1.183.216 173.161.94.226 174.133.94.26 188.134.13.44 193.225.84.1 193.77.58.207 194.2.25.13 195.19.200.72 195.210.47.144 195.69.86.210 195.95.198.190 200.121.52.63 200.160.121.246 200.162.106.197 200.175.53.196 200.183.172.2 200.232.56.35 200.249.149.60 200.251.31.2 200.40.251.146 200.63.96.126 200.63.98.32 200.80.163.74 201.134.39.146 201.238.192.116 201.25.53.34 201.48.233.194 202.129.187.147 202.158.52.211 202.213.205.172 202.33.8.49 203.110.245.243 203.141.158.120 203.156.255.145 203.95.7.162 204.191.10.18 207.238.196.3 208.125.137.121 209.88.156.132 210.202.196.250 212.244.203.6 212.252.120.11 212.36.7.246 212.78.187.120 212.92.13.110 213.140.23.142 213.174.167.15 213.97.211.74 217.115.199.40 217.127.66.216 217.128.153.54 217.26.18.179 217.33.64.203 217.75.15.8 217.79.182.38 219.94.144.230	They are the distributed ssh brute force attackers (almost of them seem to be bots) in Nov 6-8.
46.21.157.162/20	46.21.157.162 (162.157.21.46.inferno.name) in Inferno Solutions in SWIFTWAY Autonomous System. (US/UK/NL) (2011.11.8) Malicious and huge ssh brute force attack (151 login attempts).
211.115.195.15/13+	211.115.195.15 (analyzer.sjtel.net) in SEJONG TELECOM (세종텔레콤) (KR) (2011.11.8) Malicious and huge ssh brute force attack (35 login attempts) focusing on the root passowrd. Add 211.104.0.0/13 and 211.112.0.0/13 to the permanent block list.
200.7.200.246/7	200.7.200.246 in DITECA S.A. in Telefónica Ecuador (EC) (2011.11.8) Malicious and huge ssh brute force attack (56 login attempts). Add 200.0.0.0/7 to the permanent block list.
174.143.254.66/	174.143.254.66 (www.chamilia.com) in CHAMILIA in Rackspace.com (US) (2011.11.7) Malicious and huge smtp auth attempts (27 login attempts).
118.97.82.146/24	118.97.82.146 (146.subnet118-97-82.static.astinet.telkom.net.id) in PT. TELKOM INDONESIA (ID) (2011.11.7) Malicious and huge ssh brute force attack (43 and more login attempts) focusing on the root password.
112.215.11.169/16	112.215.11.169 in PT Excelcomindo Pratama (ID) (2011.11.7) Malicious and huge ssh brute force attack (49 and more login attempts) focusing on the root password. The contact e-mail address haerania@xl.co.id does not work because of 'haerania@xl.co.id: The recipient's mailbox is full and can't accept messages now. Please try resending this message later, or contact the recipient directly.' (2011.11.7) Add 112.215.0.0/16 to the permanent block list.
121.10.118.69/13+	121.10.118.69 in maomingshiguanghuananlu118haorunweishangsha8lou in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2011.11,7) Malicious and huge ssh brute force attack (100 login attempts) . Add 121.8.0.0/13, 121.16.0.0/12, 121.32.0.0/13 and 121.40.0.0/14 to the permanent block list.
222.45.235.77/11+	222.45.235.77 in CHINA RAILWAY TELECOMMUNICATIONS CENTER (中国铁通) in People's Republic of China. (CN) (2011.11.7) Malicious and huge ssh brute force attack (373 login attempts). Add 222.16.0.0/12, 222.32.0.0/11 and 222.64.0.0/11 to the permanent block list.
202.121.166.203/15+	202.121.166.203 in East China University Of Politics And Law (华东政法大学) in CERNet: China Education and Research Network (中国教育和科研计算机网) in People's Republic of China. (CN) (2011.11.7) Malicious and huge ssh brute force attack (168 login attempts). Add 202.90.0.0/15, 202.92.0.0/14, 202.96.0.0/12, 202.112.0.0/13 and 202.120.0.0/15 to the permanent block list.
91.197.194.46/21+	91.197.194.46 (host-91.197.194.46.letkon.ru) in Letcom 2 Ltd. (RU) (2011.11.7) Malicious and huge ssh brute force attack (178 login attempts). Add 91.197.188.0/22 and 91.197.192.0/21 to the permanent block list.
61.152.239.195/10	61.152.239.195 in vezhan.com (九神建站) in CHINANET shanghai province network (中国电信上海信息产业(集团)有限公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China. (CN) (2011.11.7) Malicious and huge ssh brute force attack (827 and more login attempts). Add 61.128.0.0/10 to the permanent block list.
218.241.167.184/13	218.241.167.184 (concert.wapkit.org) in wapkit.org in Beijing Zhongbangyatong Telecom Technology Co,Ltd in the crimials' heaven network datadragon.net (北京电信通电信工程有限公司) = the crimials' heaven network BEIJING TELETRON TELECOM ENGINEERING CO., LTD. (北京电信通电信工程有限公司) (CN) (2011.11.1, mail error 2011.11.5) Malicious and huge ssh brute force attack (1,012 login attempts). The contact e-mail address Betsy.du@bj.datadragon.net does not work because of '<Betsy.du@bj.datadragon.net>: connect to bj.datadragon.net[211.147.3.134]: Connection timed out' (2011.11.5) Add 218.240.0.0/13 to the permanent block list.
85.27.114.100/19	85.27.114.100 (host-85-27-114-100.brutele.be) in Brutele SC (BE) (2011.11.5) Malicious and huge ssh brute force attack (736 login attempts).
85.95.227.169/19	The criminals' host 85.95.227.169 (ip227.169.onofis.com) in ONOFIS internet Servisleri-IZMIR (TR) (2011.11.5) Malicious and huge ssh brute force attack (324 login attempts) focusing on the root password only. This is the 2nd attack by the criminals' host 85.95.227.169 (ip227.169.onofis.com) since Oct 15 2011. Add 85.95.224.0/19 to the permanent block list.
61.183.44.242/10	61.183.44.242 in CHINANET Hubei province network (中国电信股份有限公司湖北分公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.11.5) Malicious and huge ssh brute force attack (338 login attempts) focusing on the root password. Add 61.128.0.0/10 to the permanent block list.
218.10.18.116/11	218.10.18.116 in China Unicom Heilongjiang province network (黑龙江联通) in China Unicom (中国联通) (CN) (2011.11.4) Malicious and huge ssh brute force attack (40 login attempts) focusing on the root passowrd. Add 218.0.0.0/11 to the permanent block list.
113.106.197.134/10+	113.106.197.134 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2011.11.3) Malicious and huge http probes (98 probes). Add 113.62.0.0/15, 113.64.0.0/10 and 113.128.0.0/15 to the permanent block list.
91.211.45.110/22	91.211.45.110 (net091211045110.king-online.ru) in King-Online Ltd. (КИНГ-ОНЛАЙН) (RU) (2011.11.3) Malicious and huge ssh brute force attack (92 login attempts). Add 91.211.44.0/22 to the permanent block list.
222.221.2.210/11+	The criminal 222.221.2.210 in CHINANET yunnan province network in CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2011.11.3) Malicious and huge ssh brute force attack (6 login attempts). This is the 16th attack by the criminal 222.221.2.210 since Nov 3 2011, Oct 4 2011, Mar 28 2011, Dec 24 2010, Nov 11 2010, Sep 24 2010, Sep 12 2010, Jun 29 2010, Feb 9 2010, Dec 16 2009, Jun 1 2009, Apr 30 2009, Feb 26 2009 and Nov 22 2008. Add 222.168.0.0/13, 222.176.0.0/12 and 222.192.0.0/11 to the permanent block list.
1.209.8.194/12+	1.209.8.194 in BORANET- LG DACOM Corporation (LG유플러스) (KR) (2011.11.2-3) Malicious and huge ssh brute force attack (30 login attempts) focusing on the root password. Add 1.208.0.0/12 and 1.224.0.0/11 to the permanent block list.
116.18.206.157/12	116.18.206.157 in CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2011.11.2) Malicious and huge smtp auth attempts (57 login attempts). Add 116.16.0.0/12 to the permanent block list.
85.13.254.186/18	85.13.254.186 (ns1.goldcoin.org) in LINGOLD in Coreix Ltd (GB) (2011.11.1) Malicious and huge ssh sip connection attack (32 connection attempts).
112.65.187.139/14+	The crimianls' host 112.65.187.139 in zhongda in China Unicom CHINA169 Shanghai Province Network (中国联合网络通信有限公司上海市分公司) in China Unicom (中国联通) (CN) (2011.11.1) Malicious and huge ssh brute force attack (18 login attempts). This is the 2nd attack by the crimianls' host 112.65.187.139 since Jan 31 2011. Add 112.0.0.0/10 and 112.64.0.0/14 to the permanent block list.
121.207.230.69/14	121.207.230.69 in CHINANET Fujian province network (中国电信福建公司) in CHINA TELECOM (中国电信集团公司) (CN) (2011.11.1) Malicious and huge ssh brute force attack (74 login attempts) focusing on the root password only. Add 121.204.0.0/14 to the permanent block list.
202.28.66.166/15	The criminals' host 202.28.66.166 in the criminals' heaven network UniNet (Inter-university network) (TH) (2011.11.1) Malicious and huge ssh brute force attack (845 login attempts). This is the 2nd attack by the criminals' host 202.28.66.166 since Oct 25 2011. Add 202.28.0.0/15 to the permanent block list.
61.47.117.140/17	61.47.117.140 (clicktalad.com) in clicktalad.com in PACNET (TH) (2011.11.1) Malicious and huge pop brute force attack (1,192 and more login attempts).
auy58.internetdsl.tpnet.pl c2.2a.344a.static.theplanet.com dan.generation-mac.fr dns1.pavianetwork.com dns2.pavianetwork.com ejf01.ejf.hu ensim.open-library.net esd701.easyserver.net firewall.pitrez.com.br fw.selectusconsulting.com gergovie.advantages.fr gsv114.internetdsl.tpnet.pl gtm146.internetdsl.tpnet.pl gw.it-comm.ru hc210-202-196-250.vdslpro.static.apol.com.tw host10-7-static.48-79-b.business.telecomitalia.it host152-167-static.4-79-b.business.telecomitalia.it host242-179-static.40-88-b.business.telecomitalia.it intranet.compraspublicas.gov.ec ip-72-55-174-11.static.privatedns.com ip-72-55-179-219.static.privatedns.com laubervilliers-153-53-24-181.w217-128.abo.wanadoo.fr lst-amand-152-31-15-247.w193-253.abo.wanadoo.fr mac.fix-it.ie mail.aegislab.com mail.fisher-bmt.net mail.guiaslatinas.com.py mail.gymnaziumdc.cz mail.kampa-bg.com mail.sandrecar.com.br moscovita.curimbaba.com.br mx.cashcredito.com.br mx.cbc-group.kz mx.savarauto.com.br narro.uaaan.mx ns2.inetsouth.com port-87-193-246-26.static.qsc.de r200-40-251-146.ae-static.anteldata.net.uy rs.hntelecom.net.cn s15236367.onlinehome-server.info sd-16955.dedibox.fr senyo6z134.digitalink.ne.jp service.netandwork.net single.tbt.com.tr siona.servers.nosco-ict.nl static-217-133-119-229.clienti.tiscali.it static-82-85-95-20.clienti.tiscali.it static.200.219.227.162.datacenter1.com.br usa01.conox.net vegawlan.pl vilagtv.battanet.hu www.comune.palestrina.rm.it xs.5460.net yoshiki.teruya.ne.jp zux221-015-140.adsl.green.ch 1a.5e.85ae.static.theplanet.com 12.27.222.21 32.bd.344a.static.theplanet.com 58.254.143.204 58.63.241.209 59.108.108.100 60.28.199.166 61-221-28-243.hinet-ip.hinet.net 61-31-204-90.static.tfn.net.tw 61.152.76.75 61.19.252.236 61.59.101.16 61.78.62.43 62.161.44.45 62.183.105.164 67.55.95.132 68.78.199.247 69.162.119.162 69.162.65.138 69.162.70.2 72.252.248.111 72.3.142.26 82.139.199.57 83.143.83.114 85-10-204-194.clients.your-server.de 85.red-80-24-95.staticip.rima-tde.net 85.132.139.26 85.185.180.48 85.22.60.6 87.229.7.163 88-149-159-194.vps.virtuo.it 89.97.247.147 93.84.116.216 102.160.192.61.east.global.crust-r.net 109.237.210.147 114-32-173-14.hinet-ip.hinet.net 118.122.179.71 118.142.4.27 118.97.50.11 119.145.144.60 119.254.5.83 121.166.70.252 122.115.35.242 122.183.212.52 122.225.97.118 122.227.129.113 122.255.96.164 122.255.96.45 122.70.141.250 122.70.144.168 123-100-77-67.static.diginet.co.nz 123.196.115.72 124.160.72.149 124.193.142.249 151.1.183.216 161.200.90.2 173-161-94-226-illinois.hfc.comcastbusiness.net 180.149.92.22 189.14.99.226 189.16.12.146 190.144.175.133 190.196.30.122 190.2.7.178 190.254.11.218 194.2.25.13 195.167.225.173 195.95.198.190 200.155.17.68 200.25.180.75 200.63.98.32 201.134.39.146 202.100.80.21 202.102.2.155 202.120.52.130 202.131.87.70 202.133.244.250 202.28.37.63 203.141.158.120.static.zoot.jp 203.95.7.162 204.15.211.114 204.191.10.18 209.88.156.132 210.21.117.13 210.241.238.236 210.245.13.166 210.42.35.1 210.51.25.156 211.144.82.8 211.147.221.42 211.167.110.2 211.234.100.205 212.49.222.82 213-140-23-142.ip.fastwebnet.it 213.174.167.15 213.195.75.188 216.red-217-127-66.staticip.rima-tde.net 217.199.212.243 217.33.64.203 218.1.67.151 218.108.57.230 218.247.244.13 219.234.88.247 219.238.168.6 219.240.36.108 219.240.36.110 219.94.144.230 220.162.244.251 220.179.64.23 220.248.102.254 221.224.13.25 221.232.155.6 222.122.45.110 222.73.41.52 233.red-80-26-69.staticip.rima-tde.net 1901424851.ip33.static.mediacommerce.com.co	They are the distributed ssh brute force attackers (seems to be bots) at least 2 attacks in Oct 2011.
218.15.221.84/11	The criminals' host 218.15.221.84 in guangdongshengdianxinyouxiangon in the criminal CHINANET Guangdong province network (中国电信股份有限公司) in CHINA TELECOM (中国电信集团公司) in People's Republic of China (CN) (2011.10.31) Malicious and huge ssh brute force attack (5 login attempts) focusing on the root password. This is the 2nd attack by the criminals' host 218.15.221.84 since Apr 6 2011. Add 218.0.0.0/11 to the permanent block list.
networks permanently rejected
64.15.128.0/19 67.205.64.0/18 70.38.0.0/17 72.55.128.0/17 174.142.0.0/16 184.107.0.0/16 209.172.32.0/19	iWeb Technologies Inc. (CA)
24.123.0.0/17 24.173.0.0/16 24.199.39.226/18 24.199.204.175/17 69.134.205.250/14 68.205.122.176/13 71.40.0.0/14 70.60.0.0/14	Road Runner (US)
64.169.45.66/12 64.171.127.90/12 65.67.13.26/13 66.121.145.195/13 66.139.79.199/13 68.75.86.8/13 69.208.29.243/12 69.215.39.177/12 69.228.253.114/12	SBC Internet Services (US)
64.0.0.0/14 65.104.0.0/14 67.88.0.0/13 67.152.0.0/14 207.101.0.0/16 216.112.0.0/16	XO Communications (US)
82.165.29.132/16 82.165.182.20/16 212.227.21.108/16 212.227.49.34/16 217.160.131.147/16 217.160.185.217/16	Schlund + Partner AG (DE/US)
95.154.236.0/23 95.154.240.0/23 95.154.242.0/24 95.154.248.0/22	iDeal Hosting (TR) in RapidSwitch Ltd (GB)
58.136.0.0/15 203.146.0.0/16 210.1.0.0/18	CS LOXINFO PUBLIC COMPANY LIMITED
61.7.128.0/17 202.129.0.0/18	CAT Telecom (TH)
41.78.76.0/22	Powertel Communications (Zimbabwe) (ZW)
58.64.0.0/17	Advance Datanetwork Communications Co.,Ltd. (TH)
58.68.0.0/17	Dishnet Wireless Limited (IN)
59.106.49.96/27	日本空間情報技術株式会社 (JP)
59.148.0.0/15	City Telecom (H.K.) Ltd. (HK)
61.59.0.0/16	Seednet / Digital United Inc. (TW)
61.90.0.0/15	True Corporation (TH)
61.199.200.80/29	Vector International (ベクターインターナショナル株式会社) (JP)
62.26.219.0/24	JSis Network Solutions (DE)
62.39.117.136/29	OLYMPIQUE DE MARSEILLE (FR)
62.63.64.0/18	ArtX (RU)
62.72.110.116/19	Respons Advertising BVBA in COLT-BE (BE)
62.75.128.0/17	plusserver (intergenia AG)
62.81.241.208/29	Colegio Oficial de ingenieros Tecnicos Industriales in Ono.com (ES)
62.84.144.130/27	Martin Dohnal (CZ)
62.112.132.50/19	Tardeinfo GmbH in Netdiscounter GmbH (DE)
63.81.36.0/22	Top Speed Internet Service, LLC (US)
64.80.197.80/28	Anycolor Inc. in PaeTec Communications, Inc. (US)
64.115.0.0/16	Broadview Networks, Inc. (US)
64.237.96.0/20	ThruPort Technologies, Inc. (US)
65.19.234.0/23	Interbel Telephone (US)
65.75.128.0/18	Managed Solutions Group, Inc. (US)
65.116.31.0/24	LAREDO COMMUNITY COLLEGE (US)
66.11.112.0/20	Suavemente, Inc. (US)
66.50.0.0/16	Puerto Rico Telephone Company (PR)
66.133.64.0/19	Giant, Inc. (US)
66.152.160.0/19	MULTACOM CORPORATION (US)
66.230.192.0/19 66.230.231.73/20	Neucom, Inc. (US)
67.18.216.226/15	ThePlanet.com Internet Services, Inc. (US)
67.202.0.0/18	Amazon.com, Inc. (US)
69.20.54.51/17	Rackspace.com, Ltd. (US)
69.162.64.0/18	Limestone Networks, Inc. (US)
70.88.0.0/14	Comcast Business Communications, Inc. (US)
74.52.0.0/15 74.54.0.0/16	ThePlanet.com Internet Services, Inc. (US)
75.127.64.0/18	Amazonas Filmes in Global Net Access, LLC (US)
75.144.0.0/13	Comcast Business Communications, Inc. (US)
76.197.19.48/28	PRAKASH BALEBAI-070221231148 (US)
77.91.192.0/21	Vermont-IT (RU)
77.233.192.0/19	ROSS Limited Company in IZMAYROVO.RU (RU)
78.110.160.0/20	UK Dedicated Servers Limited, VAServe LTD (GB)
79.170.192.0/22	Intrahost Limited (GB)
80.71.240.0/20	vnicsmv.ru in Rial Com JSC (RU)
80.74.128.0/19	METANET AG, Switzerland (CH)
80.90.112.0/20	SmartLogic Ltd. (RU)
80.91.160.0/19	Nibulon Nikolaev in DATAGROUPDATAGROUP (UA)
80.96.134.0/23	SC Minisat srl (RO)
80.191.0.0/16	Data Communications of Iran (IR)
80.200.0.0/15	Skynet (BE)
80.233.128.0/17	Telia Latvija (LV)
80.243.176.0/20	IDealHosting in Dedicated Server Contact in Redstation Limited
81.52.240.0/20	WebSatMedia Pte Ltd in France Telecom (SG)
81.209.149.64/26	Mathias Goldhan in Keyweb AG (DE)
82.76.0.0/14	Romania Data Systems (RO)
82.98.0.0/20	Ozone Paris (FR)
82.135.156.41/23	UAB "Elektronine prekyba ir Ko" (LT)
82.193.128.0/19	Ural Regional Bank Net "UralWES" (RU)
83.0.0.0/11	Polish Telcom TPNET (PL)
83.246.112.0/20	SERVERPOOL (DE)
84.128.0.0/10	Deutsche Telekom AG (DE)
84.235.0.0/17	Saudi Telecom Co. (SA)
84.246.144.0/22	Legatel Telecom Srl (IT)
85.38.0.0/16 88.48.0.0/15 (part of 88.32.0.0/11)	Telecom Italia (IT)
85.112.96.0/20	Centaur Telecom (RU)
86.34.0.0/16	Romtelecom Data Network (RO)
86.51.0.0/16	Bayanat Al-Oula in Mobily (SA)
87.247.64.0/19	Mikrovisatos TV (LT)
88.86.64.0/19	Quantum Communications (RU)
88.132.128.0/17	SadeceHosting (TR)
88.160.0.0/11	Dedibox / ProXad network / Free SAS (FR)
89.21.128.0/22	TZ-Telecom (includes Ermakov Aleksey)
89.216.0.0/16	Serbia Broadband (RS)
90.189.128.0/17	Sibirtelecom (RU)
Powernet Ltd (BG)	91.148.128.0/18
91.151.240.0/20	Novotelecom ltd. (RU)
92.55.64.0/18	Robi Cable TV in Neotel (MK)
93.95.64.0/21	ITV NET Network (MK)
93.100.0.0/16	SkyNet Network (RU)
93.180.88.0/21	Point To Point Ltd. in Bulgarian Internet Company Ltd. (BG)
94.243.0.0/18	MULTISERVICENETWORK (RU)
95.168.192.0/19	SuperHosting.cz (CZ)
98.142.208.0/20	WireSix (US)
109.207.0.0/20 109.225.0.0/18	JSC Rostelecom (RU)
110.74.128.0/18	AIMS Data Centre, Malaysia (MY)
112.133.192.0/18	RailTel Corporation (IN)
112.137.160.0/20	TM NET SDN BHD (MY)
112.215.0.0/16	PT Excelcomindo Pratama
116.66.160.0/20	Illuminate Internet Services Pty Ltd = Hostcentral (AU)
116.66.200.0/21	PT Cyber Network Indonesia (ID)
116.214.24.0/21	TULIP Telecom ltd. (IN)
117.192.0.0/10	Bharat Sanchar Nigam Limited (IN)
118.97.82.0/24	PT. TELKOM INDONESIA (ID)
118.98.128.0/17	Departemen Pendidikan Nasional Tim Data Center Jardiknas (ID)
118.100.0.0/15	TELEKOM MALAYSIA BERHAD (MY)
122.152.128.0/18	Asia Netcom Corporation (JP)
122.183.128.0/17	Bharti Telenet Ltd. Tamilnadu
122.160.234.0/23	ABTS DELHI (IN)
122.252.224.0/19	RailTel Corporation of India Ltd. (IN)
123.30.0.0/15	VietNam Data Communication Company (VDC)
124.7.0.0/16	Sify Limited (IN)
124.30.0.0/16	Sify Limited (IN)
124.195.0.0/17	INDOSAT (ID)
124.247.192.0/18	TULIP Telecom (IN)
125.215.128.0/17	PCCW Business Netvigator (HK)
128.177.224.0/21	Fision - Digital Fiber Entertainment in AboveNet (US)
128.243.0.0/16	The University of Nottingham (GB)
131.236.0.0/16	University College, Australian Defense Force Academy (AU)
139.223.0.0/16	TISNET: TATUNG (TW)
147.83.5.57/16 147.83.50.71/16	Universitat Politecnica de Catalunya (ES)
149.156.0.0/16	Academic Computer Centre CYFRONET (PL)
161.139.0.0/16	Universiti Teknologi Malaysia (MY)
182.0.0.0/12	PT Telekomunikasi Selular Indonesia (ID)
188.95.152.0/24	Tavria Host Network (Gennady Mihajlov, Shorsa str., 2, Nikopol) (UA)
193.24.212.0/20	cdedie in V-COM Network Ips (FR)
193.34.120.0/22	SDV Server Services (DE)
193.87.160.64/28	Joint Vocational Secondary School (Zdruzena stredna skola, Bratislava, SK) in sanet. (SK)
193.107.16.0/22	Ideal Solution Ltd (SC)
193.111.156.0/22	Interphone Ltd. (UA)
193.231.39.0/24	University of Craiova (RO)
193.254.2.0/24	Polytechnic University of Tirana Albania (AL)
194.88.96.0/19	Online Internet nv/sa (BE)
194.103.218.0/23	Arjeplog Kommun (SE)
194.204.212.0/24	Ministere des Peches Maritimes (MA)
195.20.206.0/23	GleSYS - Serverhotell (SE)
195.47.227.0/24	Totolotek S.A. (PL)
195.93.144.0/23	Limited company Elektrosvyaz (RU)
195.140.140.0/22	CTN1 (FR)
195.140.176.0/22	PEACE-NET in HansaWorld International (Internet Invest Ltd) (UA)
195.224.0.0/16	Pipex Communications (GB)
196.0.0.0/8	AfriNIC
202.28.0.0/15	UniNet (Inter-university network) (TH)
202.46.0.0/20	IPTEKNET, Indonesian Science and Technology Network (ID)
202.46.24.0/21	Widya Mandala Catholic University Surabaya (ID)
202.55.180.162/20	SKYCC, VoIP and ISP, Ulaanbaatar, Mongolia (MN)
202.57.128.0/18 202.142.221.246/19	Internet Service Provider Co., Ltd. (TH)
202.60.64.0/19	DedicatedServers (AU)
202.60.240.2/19	Cyber Express Communication Ltd. (HK)
202.63.160.0/19	Exatt Technologies Pvt. Ltd. (IN)
202.64.0.0/16	Pacific Internet (Hong Kong) Ltd (HK)
202.65.128.0/19	Pioneer Online Pvt. Ltd. (IN)
202.66.0.0/16	CPCNet Hong Kong Ltd. (HK)
202.70.192.0/20	India Online Network Ltd (IN)
202.67.155.250/17	HKNet Company Limited (HK)
202.88.128.0/18	Hathway IP Over Cable Internet Access Service (IN)
202.123.64.0/19	Henderson Data Centre Limited (HK)
202.142.64.0/18	Zee Telefilms Ltd (IN)
202.144.0.0/17	Sify Limited (IN)
202.152.160.0/23 202.152.162.0/24 202.155.32.0/19	Indosat (ID)
202.155.196.100/18 202.155.230.231/18	Wharf T&T Limited (HK)
202.175.192.0/18	Eastern Telecoms Philippines, Inc. (PH)
202.181.128.0/19	Hongkong Commercial Internet Exchange (HK)
202.222.28.84/32	www.utsunomiya-fudousan.com in SAKURA Internet 宇都宮不動産のれん会 (JP)
203.34.37.0/24	YOKOZUNANET (MN)
203.64.0.0/13 203.72.0.0/14	Global Communication Network Corp., CHTD (TW)
203.81.32.0/19	Pacific Internet Limited (SG)
203.110.208.0/20	India Online Network Ltd. (IN)
203.113.128.0/18	Vietel Corporation (VN)
203.115.96.0/19	IITM in Primenet Global Ltd. (IN)
203.116.0.0/15 203.118.0.0/18	StarHub (SG)
203.133.27.117/17	Hoshin Gigamedia Center Inc. (TW)
203.141.141.192/29	Business Flow Technologies Inc. (株式会社ビジネスフローテクノロジーズ) in Interlink co., ltd (JP)
203.144.128.0/17	True Internet (TH)
KSC Commercial Internet	KSC Commercial Internet (TH)
203.157.0.0/16	Ministry of Public Health, Thailand (TH)
203.167.96.0/19	Eastern Telecoms Phils., Inc. (PH)
203.171.16.0/20	New Generations Telecommunication Corporation (VN)
203.172.192.0/18	Ministry of Education Network Operation Center (TH)
203.185.0.0/18	CITY TELECOM (HK) LTD
203.193.0.0/18	Verizon Hong Kong Limited (HK)
203.198.0.0/16	PCCW, NETVIGATOR (HK)
206.124.0.0/19	foreThought.net (US)
207.44.128.0/17	Anita Limanto in OESM Group in The Planet (Everyones Internet) (US)
207.80.142.5/16	Univ. of Texas System Office of Telecom. Services (US)
207.192.64.0/18	Linode.com in Net Access Corporation (US)
207.210.0.0/18	Source Cable Ltd. (CA)
207.253.73.0/24	Cooperative de cablodistribution de l'arriere-pays (CA)
208.50.192.0/18 208.51.0.0/16	Global Crossing (GBLX) (US)
208.109.0.0/16	GoDaddy.com, Inc. (US)
208.115.192.0/18	Limestone Networks, Inc. (US)
209.8.0.0/15	MarketUS in Beyond The Network America, Inc. - PCCW Global (US)
209.200.0.0/18	Webair Internet Development Company Inc. (US)
210.6.0.0/16	City Telecom (H.K.) Ltd. (HK)
210.17.0.0/17	Taiwan Telecommunication Network Services Co.,LTD. (TW)
210.18.57.3/17	Sify Limted (IN)
210.48.144.0/20	TM NET (MY)
210.67.0.0/18	Sysware Corporation, Systex Corporation (TW)
210.68.0.0/16	firefoxlanka.com in Digital United Inc. / SEEDNET (TW)
210.70.160.0/20	CHANG JUNG UNIVERSITY (TW)
210.81.0.0/19	WorldCom Japan Ltd. (JP)
210.87.240.0/20	PCCW (Pacific Century Cyberworks) Business Internet Access (HK)
210.188.206.76/32	creators union 株式会社クリエイターズユニオン (JP)
210.200.0.0/15	Asia Pacific On-line Services Inc. (APOL) (TW)
210.209.13.0/24	TWNAP (TW)
210.210.0.0/17	Sify Technologies Limited (IN)
210.212.0.0/16 218.248.0.0/16	BSNL (Bharat Sanchar Nigam Limited) Internet (IN)
210.228.173.144/24 210.228.174.0/23 210.228.176.0/24	Momotarou Internet Club (NIHONKOUSHIN Co.) (JP)
210.243.128.0/17 210.244.0.0/17	DIGITAL UNITED INC (TW)
210.245.0.0/17	FPT Telecom (VN)
211.24.0.0/15	TIME Telecommunications Sdn Bhd (MY)
211.78.80.0/20	DWINS Digital Service Corp. (TW)
212.12.224.0/19	Wayout Internet Solutions (EG)
212.72.192.0/19	NET IS SAT ltd. (BG)
212.74.96.0/19	Tiscali UK Limited (GB)
212.122.160.0/19	Bulgarian Government Network (BG)
212.138.82.0/26	Al Jouf University (SA)
213.16.56.0/24	SKAT TV Ltd. (BG)
213.19.163.0/24	THAIINTERNATIONAL-NL (TH)
213.112.0.0/14	Bredbandsbolaget Routing Registry (SE)
213.129.96.0/19	South-East Transtelecom Joint Stock Co (RU)
213.176.96.0/24	Malek Ashtar University (IR)
213.195.64.0/19	Ibercom (ES)
213.223.64.10/29	HUMBERT FRANCK, VAINCRE_LA_MUCO (FR)
213.228.128.0/18	Soabor - Comercio de Prendas Lda in Cabovisao - Televisao por Cabo, S.A (PT)
216.133.224.0/19	Roth Williams International Societies of Orthodontists in Vitalstream Holdings, Inc. (US)
216.144.224.0/20	Secured Private Network (US)
216.176.176.0/20	Wowrack.com (US)
216.177.128.0/20	Alentus Corporation (US)
216.219.128.0/17	Affinity Internet, Inc (US)
217.20.118.111/24	netdirekt e. K. (DE)
217.20.160.0/20	WNET (UA)
217.71.128.0/20	Novosibirsk State Technical University (RU)
217.112.112.0/20	Esprit telecom B.V. (NL)
218.102.0.0/15	GOA INTERNATIONAL LIMITED in NETVIGATOR (HK)
218.210.0.0/15	New Century InfoComm Tech. Co., Ltd. (TW)
218.214.0.0/15	Swiftel Communications (AU)
218.248.1.160/27	Osmania University in Bharat Sanchar Nigam Limited (IN)
219.84.0.0/14	Taiwan Fixed Network CO.,LTD. (TW)
219.117.253.88/29	clja.net (Hirohisa Maruyama) in Interlink co., ltd (JP)
220.224.0.0/14	Reliance Communications Ltd (IN)
220.228.0.0/15	New Centry InfoComm Tech. Co., Ltd. (TW)
220.241.0.0/16	PCCW: Pacific Century Cyberworks (HK)
220.246.0.0/16	PCCW: Pacific Century Cyberworks (HK)
221.120.192.0/18	Pakistan Telecommunication Company Limited (PK)
222.124.0.0/16	PT. Telekomunikasi Indonesia Tbk (ID)
222.156.0.0/15	Asia Pacific On-line Services Inc. (TW)
222.252.0.0/14	Vietnam Posts and Telecommunications (VN)
24.232.0.0/16 132.247.0.0/16 132.248.0.0/16 148.201.0.0/16 148.202.0.0/15 148.204.0.0/14 148.208.0.0/12 148.224.0.0/12 148.240.0.0/13 148.248.0.0/15 148.250.0.0/16 150.185.0.0/16 150.186.0.0/15 150.188.0.0/15 157.100.0.0/16 164.77.0.0/16 168.243.0.0/16 177.0.0.0/8 186.0.0.0/7 189.0.0.0/8 190.0.0.0/8 200.0.0.0/7 216.152.160.0/20 216.230.128.0/19 216.241.0.0/19	LACNIC
113.252.0.0/14 118.140.0.0/14 203.184.128.0/17 210.0.128.0/17 218.188.0.0/14 221.127.43.88/14	The criminals' network - Hutchison Global Communications (HK)
58.14.0.0/15 58.16.0.0/13 58.24.0.0/15 58.30.0.0/15 58.32.0.0/11 58.68.128.0/17 58.82.0.0/15 58.120.0.0/13 58.144.0.0/16 58.192.0.0/11 58.240.0.0/12 59.32.0.0/11 59.64.0.0/12 59.80.0.0/14 59.107.0.0/16 59.108.0.0/14 59.148.0.0/15 59.151.0.0/17 59.172.0.0/14 60.0.0.0/11 60.160.0.0/11 60.194.0.0/15 60.200.0.0/13 60.208.0.0/12 61.4.176.0/20 61.28.0.0/17 61.29.128.0/17 61.48.0.0/13 61.128.0.0/10 61.232.0.0/14 61.236.0.0/15 61.238.0.0/15 (HK) 61.240.0.0/14 61.248.0.0/13 89.202.108.0/25 (HK) 110.176.0.0/12 110.192.0.0/11 110.240.0.0/12 111.0.0.0/10 112.0.0.0/10 112.64.0.0/14 112.80.0.0/12 112.96.0.0/13 112.224.0.0/11 113.0.0.0/13 113.8.0.0/15 113.11.192.0/19 113.54.0.0/15 113.56.0.0/15 113.58.0.0/16 113.59.0.0/17 113.62.0.0/15 113.64.0.0/10 113.128.0.0/15 113.218.0.0/15 113.220.0.0/14 113.224.0.0/11 114.80.0.0/12 114.96.0.0/13 114.104.0.0/14 114.112.0.0/13 114.208.0.0/12 114.224.0.0/11 115.190.0.0/15 115.192.0.0/11 115.224.0.0/12 116.1.0.0/16 116.2.0.0/15 116.4.0.0/14 116.8.0.0/14 116.16.0.0/12 116.52.0.00/14 116.56.0.00/15 116.112.0.0/13 116.213.64.0/18 116.213.128.0/17 116.224.0.0/12 116.242.0.0/15 116.244.0.0/14 116.248.0.0/15 116.252.0.0/15 116.254.128.0/17 116.255.128.0/17 117.21.0.0/16 117.22.0.0/15 117.24.0.0/13 117.32.0.0/13 117.40.0.0/14 117.44.0.0/15 117.74.128.0/17 117.75.0.0/16 117.76.0.0/14 117.80.0.0/12 117.128.0.0/10 118.24.0.0/13 118.102.16.0/20 118.112.0.0/13 118.120.0.0/14 118.124.0.0/15 118.126.0.0/16 118.144.0.0/14 118.180.0.0/14 118.184.0.0/13 118.192.0.0/12 118.212.0.0/15 119.2.128.0/17 119.3.0.0/16 119.4.0.0/14 119.8.0.0/15 119.10.0.0/17 119.32.0.0/13 119.40.0.0/15 119.42.0.0/19 119.78.0.0/15 119.80.0.0/15 119.112.0.0/12 119.128.0.0/12 119.144.0.0/14 119.161.128.0/17 119.162.0.0/15 119.164.0.0/14 119.176.0.0/12 119.252.240.0/20 119.253.0.0/16 119.254.0.0/15 120.0.0.0/12 120.24.0.0/14 120.30.0.0/15 120.32.0.0/12 120.48.0.0/15 120.64.0.0/13 120.192.0.0/10 121.8.0.0/13 121.16.0.0/12 121.32.0.0/13 121.40.0.0/14 121.52.208.0/20 121.52.224.0/19 121.204.0.0/14 122.4.0.0/14 122.8.0.0/13 122.64.0.0/11 122.96.0.0/15 122.102.0.0/20 122.102.64.0/19 122.136.0.0/13 122.156.0.0/14 122.188.0.0/14 122.192.0.0/14 122.200.64.0/18 122.224.0.0/12 122.240.0.0/13 123.4.0.0/14 123.8.0.0/13 123.112.0.0/12 123.128.0.0/13 123.137.0.0/16 123.138.0.0/15 123.144.0.0/12 123.160.0.0/12 123.177.0.0/16 123.178.0.0/15 123.180.0.0/14 123.184.0.0/13 123.196.0.0/15 123.232.0.0/14 124.14.0.0/15 124.16.0.0/15 124.42.0.0/16 124.112.0.0/13 124.126.0.0/15 124.128.0.0/13 124.160.0.0/13 124.192.0.0/15 124.200.0.0/13 124.220.0.0/14 124.224.0.0/12 124.240.0.0/17 124.254.0.0/18 125.31.192.0/18 125.32.0.0/12 125.61.128.0/17 125.62.0.0/15 125.64.0.0/11 125.96.0.0/15 125.98.0.0/16 125.208.0.0/18 125.210.0.0/15 125.216.0.0/13 159.226.0.0/16 163.125.0.0/16 166.111.0.0/16 180.152.0.0/13 180.160.0.0/12 180.184.0.0/14 180.188.0.0/17 182.18.0.0/17 182.236.128.0/17 183.0.0.0/10 183.64.0.0/13 202.8.128.0/19 202.10.64.0/20 202.67.128.0/17 (HK) 202.68.0.0/18 (HK) 202.75.208.0/20 202.90.0.0/15 202.92.0.0/14 202.96.0.0/12 202.112.0.0/13 202.120.0.0/15 202.127.24.198/20 202.136.48.0/20 202.152.176.0/20 202.165.176.0/20 202.192.0.0/12 203.86.0.0/18 203.86.64.0/19 203.88.192.0/19 203.90.128.0/18 203.90.192.0/19 203.91.120.0/21 203.148.0.0/18 203.171.224.0/20 203.175.128.0/17 210.14.64.0/19 210.17.128.0/17 (HK) 210.21.0.0/16 210.22.0.0/16 210.25.0.0/16 210.26.0.0/15 210.28.0.0/14 210.32.0.0/12 210.51.0.0/16 210.52.0.0/15 210.72.0.0/14 210.76.0.0/15 210.78.0.0/16 210.82.0.0/15 210.87.128.0/18 210.192.96.0/19 211.64.0.0/13 211.80.0.0/12 211.96.0.0/13 211.136.0.0/13 211.144.0.0/12 211.160.0.0/13 218.0.0.0/11 218.56.0.0/13 218.64.0.0/11 218.96.0.0/14 218.104.0.0/14 218.108.0.0/15 218.192.0.0/12 218.240.0.0/13 218.249.0.0/16 219.90.112.0/20 (HK) 219.128.0.0/11 219.216.0.0/13 219.224.0.0/12 219.242.0.0/15 219.244.0.0/14 220.112.0.0/14 220.160.0.0/11 220.192.0.0/12 220.231.0.0/16 220.248.0.0/14 220.252.0.0/16 221.0.0.0/12 221.122.0.0/15 221.129.0.0/16 221.130.0.0/15 221.172.0.0/14 221.176.0.0/13 221.192.0.0/11 221.224.0.0/12 222.16.0.0/12 222.32.0.0/11 222.64.0.0/11 222.126.128.0/17 222.128.0.0/12 222.160.0.0/14 222.168.0.0/13 222.176.0.0/12 222.192.0.0/11 222.240.0.0/13 222.248.0.0/15 223.0.0.0/12	People's Republic of China (CN) : the world no.1 lawless nation in the internet. many crackers live in these networks and serves phishing pages. for example, this is Fifth Third Bank phising page served by ANHUI TELECOM (2007.2.11) : http://218.22.100.110/cbdir/ (screenshot)
59.160.0.0/14 59.164.0,0/15 61.11.0.0/17 61.16.128.0/17 61.17.0.0/16 115.108.0.0/14 115.112.0.0/13 121.240.0.0/13 202.9.128.0/18 202.54.102.183/16 203.197.0.0/16 203.199.0.0/16 203.200.0.0/16 210.211.128.0/17	THE CRIMINALS' NETWORK - VSNL Videsh Sanchar Nigam Ltd (IN)
1.208.0.0/12 1.224.0.0/11 14.32.0.0/11 14.64.0.0/11 58.72.0.0/13 58.120.0.0/13 58.140.0.0/14 58.148.0.0/14 58.180.0.0/16 58.181.0.0/18 58.184.0.0/16 58.224.0.0/12 59.0.0.0/11 59.150.0.0/16 59.152.128.0/18 61.32.0.0/13 61.40.0.0/14 61.72.0.0/13 61.80.0.0/14 61.84.0.0/15 61.96.0.0/12 61.248.0.0/13 66.232.136.0/21 66.232.144.0/22 110.8.0.0/13 112.144.0.0/12 112.160.0.0/11 112.216.0.0/13 113.130.64.0/19 114.108.0.0/17 114.108.128.0/18 114.141.0.0/19 114.199.128.0/17 114.200.0.0/13 115.40.0.0/15 115.68.0.0/16 115.88.0.0/13 115.136.0.0/13 115.144.0.0/15 115.178.64.0/19 116.32.0.0/12 116.120.0.0/13 117.16.0.0/15 117.110.0.0/15 118.32.0.0/11 118.127.192.0/18 118.128.0.0/14 118.216.0.0/13 119.64.0.0/13 119.192.0.0/11 121.64.0.0/14 121.78.0.0/16 121.88.0.0/16 121.100.64.0/18 121.124.0.0/15 121.126.0.0/16 121.128.0.0/10 121.254.128.0/17 122.128.32.0/19 123.111.0.0/16 123.140.0.0/14 123.212.0.0/14 124.0.0.0/15 124.2.0.0/16 124.5.0.0/16 125.7.128.0/17 124.111.0.0/16 124.136.0.0/14 124.194.0.0/16 125.128.0.0/11 125.240.0.0/13 125.248.0.0/14 125.252.0.0/18 141.223.0.0/16 143.248.0.0/16 150.183.0.0/16 155.230.0.0/16 168.126.0.0/16 175.112.0.0/12 175.158.0.0/19 180.150.192.0/19 180.150.224.0/21 182.252.128.0/17 202.30.0.0/15 203.224.0.0/11 210.57.224.0/19 210.90.0.0/15 210.92.0.0/14 210.96.0.0/11 210.178.0.0/15 210.180.0.0/14 210.216.0.0/13 211.32.0.0/11 211.104.0.0/13 211.112.0.0/13 211.168.0.0/13 211.176.0.0/12 211.192.0.0/10 218.36.0.0/14 218.48.0.0/13 218.144.0.0/12 218.232.0.0/13 219.240.0.0/15 219.248.0.0/13 220.64.0.0/11 220.116.0.0/14 220.120.0.0/13 221.138.0.0/15 221.140.0.0/14 221.144.0.0/12 221.160.0.0/13 221.168.0.0/16 222.96.0.0/12 222.112.0.0/13 222.120.0.0/15 222.122.0.0/16 222.232.0.0/13	KOREA: many crackers live in these networks and serves phishing pages. for example, this is PayPal phising page served by SKNETWORKS-METRO-JEYUN-KR (2005.10.29) : http://211.63.1.132/source/img/banner/.cgi-bin/.webscr/paypal/ (screenshot) and for example, this is eBay phising page served by JANGRIMWORLD in Hanaro Telecom Co. (2006.10.27) : http://211.210.60.2/ebay/login1992/ (screenshot)
31.169.64.0/19 46.45.128.0/18 77.245.144.0/20 78.160.0.0/11 82.151.128.0/19 85.95.224.0/19 89.106.0.0/19 89.107.224.0/21 93.186.112.0/20 95.154.236.0/23 95.154.240.0/23 95.154.242.0/24 95.154.248.0/22 95.183.128.0/17 178.211.32.0/19 188.132.128.0/17 195.174.0.0/15 212.58.0.0/19 212.156.0.0/16 213.128.64.0/19	TRKEY many crackers live in these networks.
77.91.182.0/21 77.233.192.0/19 77.235.192.0/19 77.239.192.0/18 79.137.128.0/17 80.90.112.0/20 80.93.48.0/20 82.147.64.0/18 83.149.0.0/18 84.42.0.0/17 84.52.64.0/18 86.62.64.0/18 89.21.128.0/22 90.189.128.0/17 91.151.240.0/20 91.197.188.0/22 91.197.192.0/21 91.211.44.0/22 91.211.52.0/22 91.211.56.0/21 91.211.64.0/22 94.127.64.0/21 95.141.176.0/20 95.141.192.0/20 95.181.0.0/16 95.182.0.0/17 109.200.96.0/19 188.124.32.0/19 188.127.224.0/19 188.128.0.0/17 194.186.0.0/16 195.19.0.0/16 195.218.128.0/17 212.24.32.0/19 213.170.64.0/18 213.247.128.0/17 213.248.0.0/18 217.65.0.0/20	Russian Federation many criminals live in these networks.
123.200.128.0/17	Austraria many criminals live in these networks.
Dear infected hosts: Welcome to TATSUKICHI Network. We apologize to you for falling short of your expectations. We are WINDOWSOUTSIDE* netowrk and there are no hosts that swallow your dirty packets. PLEASE PLEASE DO NOT POLLUTE THE INTERNET.

本ページは w3m でもそこそこ表示できるように最適化されています [福]