Virus Sources

J

John Coutts

Don't know if this info is useful to anyone or not, but we were receiving up to
300 viruses a day from mainly two source networks; Telus and Shaw. Repeated
requests to address the problem went unattended. All the viruses were
quarantined, but the volume of notifications was becoming a real pain, and our
customers were complaining.

By blocking the following network addresses, we were able to reduce that volume
to about 60 a day. These are not all the address blocks in use by these 2
ISP's, just the problem ones. And it doesn't include their own SMTP sending
servers, so legitimate mail should not be blocked.
---------------------------------------------------------
Shaw
24.64.0.0 to 24.71.223.0
24.76.0.0 to 24.79.255.255
24.80.0.0 to 24.80.255.255
24.82.0.0 to 24.82.255.255
24.83.0.0 to 24.83.255.255
24.85.0.0 to 24.85.255.255
64.59.129.0 to 64.59.191.255
68.144.0.0 to 68.151.255.255
---------------------------------------------------------
Telus
64.180.58.0 to 64.180.59.255
66.183.64.0 to 66.183.127.255
209.89.0.0 to 209.89.255.255
205.206.0.0 to 205.206.255.255
199.126.0.0 to 199.126.255.255
198.53.0.0 to 198.53.255.255
161.184.0.0 to 161.184.255.255
142.59.0.0 to 142.59.255.255
142.179.0.0 to 142.179.255.255
142.173.0.0 to 142.173.255.255
137.186.0.0 to 137.186.255.255
----------------------------------------------------------
 
T

Tech Zero

The voice of "John Coutts" drifted in on the cyber-winds,
from the sea of virtual chaos...
Don't know if this info is useful to anyone or not, but we were
receiving up to 300 viruses a day from mainly two source networks;
Telus and Shaw. Repeated requests to address the problem went
unattended. All the viruses were quarantined, but the volume of
notifications was becoming a real pain, and our customers were
complaining.

By blocking the following network addresses, we were able to
reduce that volume to about 60 a day. These are not all the
address blocks in use by these 2 ISP's, just the problem ones. And
it doesn't include their own SMTP sending servers, so legitimate
mail should not be blocked.
Click to expand...
<snip>


A commendable effort... I just double check & the Telus smart host my
domain uses, and the Cablerocket SMTP are both outside the block.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Why So Many Netsky Infections? 7
Anti-virus wars start up again (Its time to party like its the 1999) 30
Lost IE and Outlook Express connection 1
Stealth virus?? 2
KRiLE and Zvi Netiv... for old times sake 8
stopping Virus's, spy ware, and Hackers 1
Recovering from the Flawed McAfee Update 7
Black ops: how HBGary wrote backdoors for the government (part 3) 0

Top