Dear Provider,

I’m George Egri, the Co-Founder and CEO of BitNinja Server Security. I’m writing to inform you that we have detected malicious requests from the IP 188.xxx.xxx.220 directed at our clients’ servers.

As a result of these attacks, we have added your IP to our greylist to prevent it from attacking our clients’ servers.
Servers are increasingly the target of botnet attacks and you might not be aware that your server is being used as a “bot” to send malicious attacks over the Internet.

I’ve collected some detailed logs of the traffic that may help you disinfect your server:

tcp 0 17349 212.#.#.110:80 188.xxx.xxx.220:4042 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3974 ESTABLISHED
tcp 0 23528 212.#.#.110:80 188.xxx.xxx.220:4046 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3976 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3980 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:4049 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3997 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:4032 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:4051 ESTABLISHED
tcp 0 41850 212.#.#.110:80 188.xxx.xxx.220:4034 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3975 ESTABLISHED
tcp 0 3752 212.#.#.110:80 188.xxx.xxx.220:3992 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:4010 ESTABLISHED
tcp 0 30278 212.#.#.110:80 188.xxx.xxx.220:4068 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3967 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3985 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:4006 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3983 ESTABLISHED
tcp 0 15303 212.#.#.110:80 188.xxx.xxx.220:4037 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:4011 ESTABLISHED
..76 more lines.

We have enabled new firewall rules to filter out traffic of this nature. Once the responsible party is identified, they will have their account terminated.
