16 Jan
2021
16 Jan
'21
5:51 a.m.
On 1/16/21 12:35 PM, Jann Traschewski via 44Net wrote:
On 16.01.2021 11:50, Rob PE1CHL via 44Net wrote:
I was starting to suspect that. But still I think that people should register
their allocations in DNS (and have their own DNS servers only when the also
make the reverse working), because I see no way to find the owner of that
address right now.
The traffic was not even incoming directly, it arrived via an IPIP tunnel
(probably DB0FHN) and there is no tunnel route back to that address.
Rob
And why is (s)he portscanning for SSH servers?
It is hacked and is looking for other targets.
I already notified Igor, 9A6NVI, to take it offline.