Sponsored by..

Friday, 13 February 2015

Something evil on (Digital Network JSC / com4tel.ru / cloudavt.com)

I've written about DINETHOSTING aka Digital Network JSC many times before, and frankly their entire IP range is a sea of crap, and I have a whole load of blocks in the range (including the entirity of This latest sea of badness seems to be suballocated to a customer using the block.

inetnum: -
netname:        RU-CLOUDAVT-NET
descr:          LLC ABT Cloud Network
country:        RU
admin-c:        PPP9992-RIPE
tech-c:         PPP9992-RIPE
status:         ASSIGNED PA
mnt-by:         DN-MNT
changed:        ncc@msm.ru 20150213
source:         RIPE

person:         Andrey Tkachenko
address:        107589, Russia Moscow street Khabarovsk 4A
e-mail:         cc-it@com4tel.ru
phone:          +7 916 626 7798
fax-no:         +7 916 626 7798
nic-hdl:        PPP9992-RIPE
abuse-mailbox:  info@cloudavt.com
mnt-by:         DN-MNT
changed:        noc@msm.ru 20140429
source:         RIPE

descr:          Digital Network JSC
descr:          Moscow, Russia
descr:          http://www.msm.ru
descr:          aggregate prefix
origin:         AS12695
mnt-by:         DN-MNT
changed:        noc@msm.ru 20121129
source:         RIPE

Just looking at blog posts, I can see badness occurring in the recent past on the following IPs: [1] [2] [3] [4] [5]

That's quite a high concentration of bad servers in a relatively small block. A quick look at what is currently hosted indicates (in my personal opinion) nothing of value, and I would recommend blocking the entire range as a precaution.

1 comment:

Sindhoor Tilak said...

Yeah true, all spywares and spam mail are being sent from this ip block.