[caiu] Ataque serviços de DNS
Douglas Fischer
fischerdouglas em gmail.com
Domingo Março 9 10:54:50 BRT 2014
Mudando de saco para mala, mas ainda falando de segurança:
Em alguns ataques supostamente DDoS que acompanhei a mitigação,
cheguei a conclusão que na verdade não era um DDoS, e sim Spoofing.
Exportei os logs p/ tabela dinâmica, e comecei a brincar com o cubo.
- Diversas redes, inclusive brasileiras.
- Quase sempre 3 ou 4 IP da mesma sub-rede.
- As tentativas vinha com espaçamento de tempo quase uniforme.
-Mesmo vindo de origens supostamente diferentes.
Ai vem a pergunta:
Ciente de que única forma eficiente de controlar spoofing é na origem, quem
deveria verificar spoofing nas fronteiras internacionais? Ou isso é
impossível?
Existe alguma iniciativa, como a de antispam(bloqueio da porta 25) para o
antispoofing?
2014-03-08 0:08 GMT-03:00 Rubens Kuhl <rubensk em gmail.com>:
> Eu acho que muita gente vai ficar chateada se ele desligar o GigaDNS...
>
>
> Rubens
>
>
>
> On Sat, Mar 8, 2014 at 12:05 AM, Rodrigo Meireles <mikrotikfull em gmail.com
> >wrote:
>
> > Fecha o relay!
> >
> >
> > 2014-03-07 23:51 GMT-03:00 Andrio Prestes Jasper <mascaraapj em gmail.com>:
> >
> > > Você está permitindo consulta de todos ou configurou ele para aceitar
> > > somente da sua rede?
> > >
> > >
> > > 2014-03-07 23:21 GMT-03:00 Juliano Primavesi | KingHost Hospedagem de
> > Sites
> > > <juliano em kinghost.com.br>:
> > >
> > > >
> > > > IDS nao deve bloquear isso...
> > > >
> > > > 1394245269] unbound[5534:1] info: 189.14.239.218
> > > > qokmz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 187.62.211.174
> > > dah.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:4] info: 177.36.206.6
> > > > alafotynstsbwd.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 186.236.199.18
> > > > cvgjsjkpixkj.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 186.226.6.200
> > > > kfinkdebmtgzcj.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 186.226.6.200
> > > > ijwfsbojgbonyvof.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 186.226.6.200
> > > > whgrmlunyxihsvet.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 186.226.6.200
> > > > udyjmbstqhenkhih.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 186.226.6.200
> > > > etgpmxoxcvolkvkf.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 189.44.218.58
> > > > sbwxevyhqrwhst.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.91.128.7
> > > tyxwf.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:4] info: 186.226.6.200
> > > > rlkqvemnhed.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 186.226.6.200
> > > > abqncbqrqtwhyl.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 186.219.211.6
> > > > yauynuvvbirqkcu.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 186.219.211.6
> > > > zxefnplkcbfilqd.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 186.219.211.6
> > > > ovezejoryxkdatkl.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 189.19.195.93
> > > > fjxoamayhytdsvx.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 177.124.100.58
> > > > lppliallg.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.91.128.7
> > > > azcdsvupwxsxelqf.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 187.62.211.174
> > > > azwhobmtadsrab.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 177.107.96.252
> > > > adsvmryxwnetgj.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 187.62.211.174
> > > > uxizmdazslmnyz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 186.208.64.66
> > > > izerynmrehynmt.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 177.124.100.58
> > > > kspmtczby.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 177.101.121.66
> > > > gcgna.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 177.124.100.58
> > > > rrtlzkgas.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 187.62.211.174
> > > > yfqpwbyvkjobkz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 177.124.100.58
> > > > hlqchxnqj.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 189.19.195.93
> > > > rbkqrrzfffyfnwd.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 186.219.211.6
> > > zqd.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:3] info: 187.0.13.70
> > > > tjtdmpfpyhxiovo.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 189.91.128.7
> > > fscni.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:3] info: 189.91.128.7
> > > > xvcdedydhhc.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 187.4.98.171
> > hov.incdn42.0530mall.com
> > > .
> > > > A IN
> > > > [1394245269] unbound[5534:3] info: 187.4.98.171
> > zfm.incdn42.0530mall.com
> > > .
> > > > A IN
> > > > [1394245269] unbound[5534:3] info: 186.219.211.6
> > > > abunibwfkdcvif.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 177.36.218.111
> > > > ejanspwfyxcfqxgz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 177.36.218.111
> > > > qvsjslgxydozkpox.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 177.101.121.66
> > > > gtmvhgzcpdugdlh.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 186.219.211.6
> > > > ktsjsxgxsvqvanar.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 189.91.128.7
> > > > urrlhevsazlgjyj.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 186.219.211.6
> > > > wvctcrwjapct.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 200.202.236.94
> > > > nprckukex.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 177.36.206.6
> > > > wwngorqyszk.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 200.202.236.94
> > > > ouigt.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 189.51.4.2
> > > > mzgjstyjypajuncj.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.91.128.8
> > > jbckm.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:0] info: 189.51.4.2
> > > > kxcvsnyvyzgtyvet.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 186.226.6.200
> > > > qbjcekm.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 177.124.100.110
> > > > qbcferoxyduxinwt.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 189.91.128.8
> > > > abcdrsthijxlz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 177.124.100.50
> > > > unofyrcrkjmzelir.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 186.219.211.6
> > > > gesctijis.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.51.4.2
> > > > afwtolmnmhcbydab.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 186.226.6.200
> > > > xxeilrqbevoniwu.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 200.179.190.163
> > > > ibazqjkzoxur.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 177.10.116.3
> > > > ujooughvjpo.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 186.208.64.66
> > > > ijoxszyzyzwpoj.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 186.226.6.200
> > > > drtwohkpbsjctms.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 177.101.121.66
> > > > gmrthfihr.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 177.101.121.66
> > > > fraet.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 186.200.186.10
> > > > pfrbcfh.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 177.124.100.110
> > > > admbenifyrutcdej.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.91.128.8
> > > > etytinwhqdqzcf.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 189.51.4.2
> > > > wbmtszgfwpkb.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 189.91.128.7
> > > > snmvknunyvwp.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 189.84.116.201
> > > > okeof.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 187.109.34.18
> > > > szgrivgnudon.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 186.200.186.10
> > > > kpabkduxszwz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 189.91.128.8
> > > > abwxazangzyz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 189.91.128.8
> > > > wrcpctctobazyz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.91.128.8
> > > > czwlofcrijkvevul.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 177.124.100.110
> > > > wxqbqlctwhgzupkb.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 186.219.211.6
> > > > urnpi.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 187.62.211.174
> > > > icrrfpk.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 177.124.100.59
> > > > wdqbuzsvkzwvkz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 189.91.128.8
> > > qcmrk.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:1] info: 186.226.6.200
> > > > cnidwdmbezgr.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 186.226.6.200
> > > mjk.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:3] info: 187.109.34.18
> > > > qdszmrcvidktghgt.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 186.225.38.110
> > > vmp.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:4] info: 186.225.38.110
> > > > nocqestuvjkym.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 189.91.128.8
> > > > aikkwhqpn.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 186.226.6.200
> > > > yjdopuitvvejhrn.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 186.225.38.110
> > > > xdnzyfxqi.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 189.51.4.2
> > hpxhd.incdn42.0530mall.com
> > > .
> > > > A IN
> > > > [1394245269] unbound[5534:2] info: 189.84.116.201
> > > > sxeef.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 189.84.116.201
> > > > mfuvg.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 177.137.200.38
> > > ooj.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:5] info: 186.219.211.6
> > > > cmossyhezisgkse.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 186.219.211.6
> > > uwv.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:0] info: 186.219.211.6
> > > nbk.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:0] info: 186.195.129.67
> > > ptl.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:0] info: 186.219.211.6
> > > > wkfxctymydtlqwr.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 186.219.211.6
> > > > fchyp.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 186.219.211.6
> > > kly.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:5] info: 189.91.128.7
> > > > qrmrwxahetil.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 186.225.38.110
> > > > vhfecmj.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 177.101.121.66
> > > > qnxxxenisegzhjg.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 186.200.186.10
> > > > mvljfhlsx.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 177.101.121.66
> > > > abcdrfthijxlz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 186.208.66.58
> > > > tvqot.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 186.208.66.58
> > > > dziiujsus.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 189.91.128.8
> > > > pgbrzufhatp.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 189.91.128.8
> > > > huaheuqkg.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 189.51.4.2
> > > > rgzltcjmjxjxtsw.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 189.84.116.201
> > > utm.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:1] info: 177.101.121.66
> > > nhi.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:1] info: 187.62.211.174
> > > > mhofwbmvsvcp.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 186.226.6.200
> > > > mhnwahqyygeivzm.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 187.62.211.174
> > > > ozgnktanivmn.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 177.124.100.59
> > > > irgfmbmvirml.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 177.107.96.252
> > > > wdkxetujqtgvijub.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 187.6.124.75
> > > niyfv.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:6] info: 189.91.128.8
> > > > zvcnclnjh.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 189.91.128.7
> > > > iywkiuzqcio.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 189.91.128.8
> > > > lnnzbbowl.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.91.128.7
> > > > nbpqesghiwklm.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 186.200.186.10
> > > > idgrmxexwzmzchyd.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.91.128.7
> > > > cnmfedqfsnctaj.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 186.225.38.110
> > > > pcsnvvp.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 189.91.128.8
> > > > fkuxlrpaztw.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 186.219.211.6
> > > > grelebkdypknmx.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 187.85.236.131
> > > > ujebwrcjihoxut.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 189.91.128.7
> > > ylrqu.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:3] info: 186.219.211.6
> > > > aopqefguiwxlz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 186.219.211.6
> > > > cdkryhepcpirqdiz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 189.84.116.201
> > > zuk.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:2] info: 177.101.121.66
> > > > ovghetohchwlez.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 186.219.211.6
> > > > loonnrzygvkgkly.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 186.208.64.66
> > > > uhejunebyjcrqfml.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 189.76.240.2
> > > fiedy.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:6] info: 186.225.38.110
> > > > guetjckcc.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 189.84.116.201
> > > zko.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:2] info: 186.208.66.58
> > > evq.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:4] info: 189.51.4.2
> > > > wmorljjhggofyau.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 189.91.128.7
> > > > rlndhldny.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 186.208.66.58
> > > > qekvrwf.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 189.91.128.7
> > > rmfei.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:6] info: 189.84.116.201
> > > xsn.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:5] info: 186.230.186.2
> > > > abpdrfghvjklz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 186.208.66.58
> > > > xxuvuqyqt.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.91.128.8
> > > > slirglebgjgz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 200.202.236.94
> > > > hrtojnvfwuq.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 177.107.96.252
> > > > azsfwdqnsdklcpov.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 187.44.1.220
> > > > nocdrfguvwxyz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 186.200.186.10
> > > > ebqhkzmpilmtwn.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 186.230.186.2
> > > > nbpdrfghvwxlz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 177.36.206.6
> > > unmfg.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:4] info: 187.62.211.174
> > > > odmjuvyhkfenwr.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 189.84.116.201
> > > > csdpvbaxu.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 200.202.236.94
> > > > olkijqrnpwu.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 187.0.13.70
> > > > yqhagxbrrdrhmlz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.51.4.2
> > > > gjazcpgrehyzulwh.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 200.179.190.163
> > > > mfwvgdcpwzmx.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 189.91.128.7
> > > yhrxt.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:6] info: 189.51.4.2
> > > > apmlezirmfux.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 187.109.34.18
> > > > wlqzcrqpmxopkf.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:1] info: 187.4.98.171
> > luw.incdn42.0530mall.com
> > > .
> > > > A IN
> > > > [1394245269] unbound[5534:1] info: 186.200.186.10
> > > ezm.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:1] info: 186.200.186.10
> > > aqg.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:7] info: 189.91.128.8
> > > > gajqdyixi.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.91.128.8
> > > > bcfqzbjcp.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.91.128.8
> > > > expplddqh.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 189.84.114.83
> > > > spjyb.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 187.109.34.18
> > > > qtmbargrepsror.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 189.84.116.201
> > > > vgohi.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 189.91.128.8
> > > > qenjlagon.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 177.101.121.66
> > > uhe.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:5] info: 177.36.206.6
> > > > ncmrfaipsbg.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 189.19.195.93
> > > > kbmqtamaqbcjhxh.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 177.38.144.18
> > > > epsgfgaflmcnmee.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 177.38.144.18
> > > > xiuwvutwqhzccip.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:0] info: 177.101.121.66
> > > > cydsoqstbakqqvz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 177.101.121.66
> > > > aopdrsguiwkyz.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 187.62.211.174
> > > > lqxfc.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.19.195.93
> > > > dxtazozerimzhfa.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 186.230.186.2
> > > > naatayghihxewon.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 177.124.100.18
> > > > kbqjmbsxkpmnax.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 186.230.186.2
> > > > uekodnsxlfy.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 186.208.64.66
> > > > mbqzyhczgnofyn.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 186.208.64.66
> > > > wdwlkjmhwlatyf.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.51.4.2
> > > > jagwxhcrspzjilq.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 186.200.186.10
> > > > vbbpxrg.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 186.230.186.2
> > > > rvdgd.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 186.200.35.146
> > > > gkhulpkgs.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.84.119.244
> > > > bquwzcosr.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.91.128.8
> > > > vsvhbhuhhck.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.84.119.244
> > > > abzyzexgkmh.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:7] info: 189.84.119.244
> > > > fdfvgxo.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:5] info: 189.51.4.2
> > > > anetwnkrabefyp.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 186.200.35.146
> > > > mjqxnzphk.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 187.62.211.174
> > > > axwxkbsxcralof.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.91.128.7
> > > > ozodorgfuzsfyrur.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 186.230.186.2
> > > > lwevjebpfvv.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 177.22.104.70
> > > > cewusdnmnhr.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.91.128.8
> > > > jczywaxvk.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.84.119.244
> > > > vvxiekc.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.84.119.244
> > > > ihkfincjsl.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.84.119.244
> > > > bxjmvzi.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.91.128.7
> > > > cjmvuvwtmronql.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.91.128.7
> > > > ufafwzalirivgpan.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.91.128.7
> > > > uhbkjztvx.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.91.128.8
> > > > svujankvojsvsfij.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.44.218.58
> > > > shbslbheotmabdx.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:4] info: 189.84.119.244
> > > > ogfwltd.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 186.193.97.178
> > > > ijujuzkdgnapqxgj.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 189.84.119.244
> > > > uxazedmtwr.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 186.193.97.178
> > > > kdqrunqrmdovejsn.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:2] info: 177.85.16.2
> > > jybrn.incdn42.0530mall.com.
> > > > A IN
> > > > [1394245269] unbound[5534:4] info: 189.84.119.244
> > > > tputuvadmamiwlv.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:6] info: 186.208.64.66
> > > > apgbcxsfcjufwbmn.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 186.193.97.178
> > > > clubijafmfihsnob.incdn42.0530mall.com. A IN
> > > > [1394245269] unbound[5534:3] info: 189.14.239.218
> > > > etmxnixde.incdn42.0530mall.com. A IN
> > > >
> > > > Juliano
> > > >
> > > > Em 07/03/2014, à(s) 16:04, Gustavo S. Carneiro <euusolinux em gmail.com
> >
> > > > escreveu:
> > > >
> > > > > Tenho IDS, bloqueia automático. :)
> > > > >
> > > > >
> > > > > 2014-03-07 16:02 GMT-03:00 Leandro de Lima Camargo <
> > > > leandrobachero em gmail.com
> > > > >> :
> > > > >
> > > > >> Recebi tentativa de acesso num servidor PPTP (TCP/1723) e com
> origem
> > > na
> > > > >> China também.
> > > > >> Mas foi pouca coisa..
> > > > >>
> > > > >>
> > > > >> Atenciosamente
> > > > >> Leandro de Lima Camargo
> > > > >>
> > > > >>
> > > > >> 2014-03-07 15:44 GMT-03:00 Gustavo S. Carneiro <
> > euusolinux em gmail.com
> > > >:
> > > > >>
> > > > >>> Eu estou recebendo tentativas de SSH e FTP, também maioria com
> IPs
> > de
> > > > >>> origem de China.
> > > > >>> Já bloqueei mais de 200 IPs no firewall.
> > > > >>>
> > > > >>>
> > > > >>> 2014-03-07 15:41 GMT-03:00 Sergio Ferreira <sergio em wgo.com.br>:
> > > > >>>
> > > > >>>> Alguém mais sofrendo com ataques a serviços de DNS ?
> > > > >>>>
> > > > >>>> Estamos recebendo milhões de pacotes buscando serviços de DNS
> > ativos
> > > > na
> > > > >>>> nossa rede.
> > > > >>>>
> > > > >>>> Quase todos com origem na china.
> > > > >>>>
> > > > >>>> Sérgio Ferreira
> > > > >>>> WGO Telecom
> > > > >>>> 64 3441 5230
> > > > >>>> 64 8119 1840
> > > > >>>>
> > > > >>>> _______________________________________________
> > > > >>>> caiu mailing list
> > > > >>>> caiu em eng.registro.br
> > > > >>>> https://eng.registro.br/mailman/listinfo/caiu
> > > > >>>>
> > > > >>>>
> > > > >>>> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
> > > > >>>>
> > > > >>>> https://eng.registro.br/mailman/options/caiu
> > > > >>>>
> > > > >>>
> > > > >>>
> > > > >>>
> > > > >>> --
> > > > >>> *Gustavo S. Carneiro*
> > > > >>> *dois . comunicação e tecnologia.*
> > > > >>> +55 34 *8869-5735*
> > > > >>> +55 34
> > > > >>> *3842-4896*
> > > > >>> _______________________________________________
> > > > >>> caiu mailing list
> > > > >>> caiu em eng.registro.br
> > > > >>> https://eng.registro.br/mailman/listinfo/caiu
> > > > >>>
> > > > >>>
> > > > >>> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
> > > > >>>
> > > > >>> https://eng.registro.br/mailman/options/caiu
> > > > >>>
> > > > >>
> > > > >>
> > > > >>
> > > > >> --
> > > > >> Atenciosamente
> > > > >>
> > > > >> *Leandro de Lima Camargo*
> > > > >> *+55 35 9904-0220*
> > > > >> _______________________________________________
> > > > >> caiu mailing list
> > > > >> caiu em eng.registro.br
> > > > >> https://eng.registro.br/mailman/listinfo/caiu
> > > > >>
> > > > >>
> > > > >> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
> > > > >>
> > > > >> https://eng.registro.br/mailman/options/caiu
> > > > >>
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > *Gustavo S. Carneiro*
> > > > > *dois . comunicação e tecnologia.*
> > > > > +55 34 *8869-5735*
> > > > > +55 34
> > > > > *3842-4896*
> > > > > _______________________________________________
> > > > > caiu mailing list
> > > > > caiu em eng.registro.br
> > > > > https://eng.registro.br/mailman/listinfo/caiu
> > > > >
> > > > >
> > > > > --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
> > > > >
> > > > > https://eng.registro.br/mailman/options/caiu
> > > >
> > > > _______________________________________________
> > > > caiu mailing list
> > > > caiu em eng.registro.br
> > > > https://eng.registro.br/mailman/listinfo/caiu
> > > >
> > > >
> > > > --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
> > > >
> > > > https://eng.registro.br/mailman/options/caiu
> > > >
> > >
> > >
> > >
> > > --
> > > Andrio Prestes Jasper
> > > Celular: (65) 8444 0040 / 8160 9761
> > > site: http://www.lgmtecnologia.com.br
> > > email: andrio.jasper em lgmtecnologia.com.br
> > > msn: mascara_apj em hotmail.com
> > > _______________________________________________
> > > caiu mailing list
> > > caiu em eng.registro.br
> > > https://eng.registro.br/mailman/listinfo/caiu
> > >
> > >
> > > --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
> > >
> > > https://eng.registro.br/mailman/options/caiu
> > >
> >
> >
> >
> > --
> > *Rodrigo Melo Meireles*
> > Analista/Consultor de Redes
> > Analista de Segurança
> > Mikrotik Certified MTCNA
> > Mikrotik Certified MTCTCE
> > Mikrotik Certified MTCRE
> > Mikrotik Certified MTCINE
> > MIkrotik Certified Firewall Advanced
> > Wireless Mikrotik Certified
> > Ubiquiti Certified
> > Ubuntu Certified - 199 Server
> > Cisco - CCNA
> > Fone:
> > 85.87895454 - OI
> > 85.81929812 - Vivo
> > 85.96459346 - TIM
> > Skype:mikrotikfull em gmail.com
> > _______________________________________________
> > caiu mailing list
> > caiu em eng.registro.br
> > https://eng.registro.br/mailman/listinfo/caiu
> >
> >
> > --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
> >
> > https://eng.registro.br/mailman/options/caiu
> >
> _______________________________________________
> caiu mailing list
> caiu em eng.registro.br
> https://eng.registro.br/mailman/listinfo/caiu
>
>
> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
>
> https://eng.registro.br/mailman/options/caiu
>
--
Douglas Fernando Fischer
Engº de Controle e Automação
More information about the caiu
mailing list