[CentOS] hack / spam/ probe /attack

Thu May 3 20:05:03 UTC 2012
m.roth at 5-cent.us <m.roth at 5-cent.us>

Steven Tardy wrote:
> On 05/03/2012 12:43 PM, bob wrote:
>> so last night all my servers were severely probed and they tried to
>> violate me (lol)
>>
>> the attack was so egregious I decided to contact the isp for that ip.
>> Telepacific.
>> The ip has some google searches that point to a few spam and a few
>> attacks...So i assume a compromised server.
>>
>> So I sent them the info and said it must be a hacked server (the ip is
>> on their business network)
>>
>> they responded  ' you are not  a customer and we cannot by law discuss a
>> customer with you' They wanted me to contact my datacenter so they
could look into it.
<snip>
>> was not expecting that from the isp
> welcome to the internet.
> abuse@ contacts are the best route.
> check whois for a technical/abuse contact.
> possibly check their website for a helpdesk address.

whois only lists a "technical contact" of  hostmaster at telepacific.com.
However, from their website, I went to contact
<http://www.telepacific.com/support/corporate-contacts.asp>, and see
<snip>
877-487-8349 	Emergency Law Enforcement
Option 2. Fraud and subpoena compliance
866-839-8545 	Non-Emergency Toll Fraud, Call Annoyance, Subpoena
Compliance and non-emergency law enforcement
877-702-2873 	Internet Abuse Complaints
<snip>

So if you haven't gone there, that's your next option.

        mark