Mittwoch, 7. Oktober 2015

208.100.26.230 - Several FTP attempts

BEGIN OF FTP DATA:
2015-10-08 02:08:56
Source IP: 208.100.26.230
Country: US RiskScore: 1 Malware: []
 Basically every access method was tried to use, in the logs I can see
  • HTTP
  • Kerberos
  • Lanman
  • etc.

208.100.26[.]230

    Static Source: GeoIP data
  • Country: United States
  • ASN: AS32748 Steadfast Networks
    Dynamic Source: SANS Internet Storm Cast
  • comment:IP is listed on SANS ISC
  • comment:This entry alone does not indicate a threat, please check the link
  • Reference: https://isc.sans.edu/api/ip/208.100.26.230
    Static Source: http://sendmespamids.blogspot.nl/ Blacklist
  • Comment: Listed on Honeypot blacklist
  • Reference: https://raw.githubusercontent.com/johestephan/smsids-blacklist/master/blacklist.txt