the ever-expanding sh*tlist

by Michael Werneburg
on 2017.02.27

You are here:
Risk topics
» Risk topics blog
November, 2017
· the unsafe workplace and the body's response

October, 2017
· ISACA article is live

September, 2017
· published
· the Equifax breach
· Tracking Vulnerability Fixes to Production

August, 2017
· evaluating third party cyber risk

July, 2017
· getting it wrong with R
· de-identifying health information
· that's a lot of tracking!

June, 2017
· gaming Google news
· privacy in this day and age
· another record breach
· writing an industry standard
· ISACA article accepted

May, 2017
· Covey time-management quadrants
· safe harbor de-identification of health data
· an ISACA article

April, 2017
· my guide on managing third party risk
· PMP for five years
· metrics that matter
· 720 reads in 48 hours
· I lost my job

March, 2017
· farewell, SIRA board
· the message and the medium
· an interesting take on consulting

February, 2017
· the ever-expanding sh*tlist
· claiming professional expenses in Canada
· get cyber safe
· the flight of the wealthy

January, 2017
· virtual kidnapping
· financial industry vendor management

November, 2016
· securing your life
· yet another reason to patch


more...

These are the 64 IP addresses that I current block on my websites. They include 50 that are responsible for more than 12,000 attempts at leaving bogus comments on my site just since I started blocking IP's that were leaving spam. I ran each through "dig -x" and have posted either the "answer" domain or the SOA domain. The latter aren't the owners, but they seem to run crappy networks.

108.171.251.2 psychz.net
117.21.225.6	jxncptt.net.cn
137.175.1.205	raksmart.com
151.20.70.240	wind.it
173.44.37.226	quadranet.com
173.44.37.234	quadranet.com
173.44.37.242	quadranet.com
173.44.37.250	quadranet.com
184.154.48.82	mail.icheckmls.co
188.143.232.111	internet-spb.ru
188.143.232.27	internet-spb.ru
188.143.232.31	internet-spb.ru
188.143.232.32	internet-spb.ru
188.143.234.155	internet-spb.ru
192.162.19.193
192.162.19.194
192.162.19.195
192.95.53.187	ovh.ca / ovh.net
193.105.210.30	ripe.net
193.150.120.51	ripe.net (565 attempts since I started blocking)
193.150.120.57	ripe.net (581 attempts since I started blocking)
193.150.120.58	ripe.net (536 attempts since I started blocking)
194.206.36.238	mail.franleader.fr
195.190.13.142	
195.62.25.205	teleglobalua.com
199.19.108.148	elitemail.com.br
200.98.142.45	clouduol.com.br
208.36.144.7	us.xo.net
213.238.175.13	kaledns.com
213.5.71.12	allgamer.net
216.151.130.170	
217.69.134.91	mail.ru
219.195.102.51	bbtec.net
31.41.216.134	besthosting.ua (965 attempts since I started blocking!)
31.41.216.135	besthosting.ua
31.41.216.142	besthosting.ua
37.187.71.217	ip-37-187-71.eu
37.221.161.246	voxility.com
38.99.13.125	cogentco.com
46.161.9.20	ripe.net
64.251.28.71	infolink.com
65.111.177.188	monmysite.com
76.164.224.130	versaweb.net
76.164.234.26	userdns.com / versaweb.com
82.234.165.160	fbx.proxad.net
88.19.130.96	rima-tde.net
88.2.45.33	rima-tde.net
89.245.177.108	versanet.de
91.121.11.117	ip-91-121-11.eu (632 attempts since I started blocking)
91.200.13.18	vhoster.net
91.200.13.20	vhoster.net
91.200.13.7	hidehost.net
91.200.13.87	vhoster.net
91.200.14.55	vhoster.net
91.201.64.223	ripe.net
91.201.64.4	ripe.net
91.207.61.66	xserver.ua
91.207.7.110	
91.231.40.27	
93.114.43.6	voxility.com
96.47.224.42	quadranet.com
96.47.224.50	quadranet.com
96.47.224.58	quadranet.com
96.47.225.162	curacao.io

The sad thing is, with this group of 64 now prevented from obtaining a response from my web server, another group will "rise to the top". All the while, I'm cutting random IP's off from my domains. The Internet is broken.

current
big list
first