Hi Online team,
I keep sending abuse reports for the same three IPs every day (SIP bruteforce >200 failed logins per minute),
and every day I get the same mail back “oh we are so sorry, we had a virus”, “we have removed the offending program”…
but every morning my mailbox is full again with attack warnings from our IDS.
Who do I have to contact to finally have these offending servers shut down?
Your customers apparently do not do anything to resolve the issue, or they even run these attacks deliberately.
If this isn’t being taken care of soon, I will forward the abuse reports to your network providers to have the AS blackholed!
Regards
~woo