[Dxspider-support] Fwd: DoS attack from IP address 92.170.93.147
Mike McCarthy, W1NR
sysop at w1nr.net
Fri Mar 27 15:47:43 CET 2020
This is the latest message i sent to his ISP. It now appears that he is
rapidly changing call signs and using multiple cluster connections to
increase the level of his attack.
I urge all sysops to send a similar abuse report with actual log
excerpts from your own cluster node.
73 de Mike, W1NR
-------- Forwarded Message --------
Subject: DoS attack from IP address 92.170.93.147
Date: Fri, 27 Mar 2020 10:37:37 -0400
From: Mike McCarthy, W1NR <sysop at w1nr.net>
To: abuse at orange.fr
I am a system operator of a Amateur Radio spotting node connected to a
worldwide network of over 400 nodes. There is a person at IP address
92.170.93.147 who has detected that he is being blocked and has ramped
up his SPAM messages to what I now consider a Denial of Service attack.
An excerpt of my log shows
1585310713^-> D KY4XX-3
PC92^WW1R-9^43510.01^A^^1V1RUS:92.170.93.147^1GW0HYU:86.149.87.219^H94^
The first number is the epoch timestamp of the message. This translates
to Friday, March 27, 2020 8:05:13 AM GMT-04:00 DST. The field
1V1RUS:92.170.93.147 is the current bogus amateur callsign he is using
followed by the IP address of his connection.
These messages are being auto-generated and designed to flood the
network. They have become much more frequent from multiple connections
and have become a serious issue with the system operators around the world.
I ask that this account be suspended until he agrees to stop these attacks.
Regards,
Michael McCarthy
System operator of telnet spotting node dx.w1nr.net
More information about the Dxspider-support
mailing list