ssh hacker active with site owner's consent - SSH

This is a discussion on ssh hacker active with site owner's consent - SSH ; FYI, there's an active ssh hacker at 66.249.28.125. RDNS shows this as canyondesigngroup.com . I contacted them Canyon at +1 818 487-9611 and the person claiming to have knowledge of their network said that he was aware of the breach, ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: ssh hacker active with site owner's consent

  1. ssh hacker active with site owner's consent

    FYI, there's an active ssh hacker at 66.249.28.125. RDNS shows this
    as canyondesigngroup.com . I contacted them Canyon at +1 818 487-9611
    and the person claiming to have knowledge of their network said that
    he was aware of the breach, that he had control of the site and that
    he refused to shut down the site.

    These are all the IP addresses I can easily find that are associated
    with canyondesigngroup.com :

    66.249.28.125
    - A record for dancingshiva.com
    - A record for mail.dancingshiva.com
    - RDNS to canyondesigngroup.com

    72.47.195.42
    - A record for canyondesigngroup.com
    - A record for www.canyondesigngroup.com

    207.47.115.125
    - A record for mail.canyondesigngroup.com
    - RDNS to mail.canyondesigngroup.com

    66.253.51.90
    - A record for mail2.canyondesigngroup.com
    - RDNS to dsl253-051-090.lax1.dsl.speakeasy.net

  2. Re: ssh hacker active with site owner's consent

    The address 66.249.28.125 is in the DenyHosts database at www.denyhosts.net

  3. Re: ssh hacker active with site owner's consent

    Daniel Norton wrote:
    > FYI, there's an active ssh hacker at 66.249.28.125. RDNS shows this
    > as canyondesigngroup.com . I contacted them Canyon at +1 818 487-9611
    > and the person claiming to have knowledge of their network said that
    > he was aware of the breach, that he had control of the site and that
    > he refused to shut down the site.
    >
    > These are all the IP addresses I can easily find that are associated
    > with canyondesigngroup.com :
    >
    > 66.249.28.125
    > - A record for dancingshiva.com
    > - A record for mail.dancingshiva.com
    > - RDNS to canyondesigngroup.com
    >
    > 72.47.195.42
    > - A record for canyondesigngroup.com
    > - A record for www.canyondesigngroup.com
    >
    > 207.47.115.125
    > - A record for mail.canyondesigngroup.com
    > - RDNS to mail.canyondesigngroup.com
    >
    > 66.253.51.90
    > - A record for mail2.canyondesigngroup.com
    > - RDNS to dsl253-051-090.lax1.dsl.speakeasy.net


    Looks like time to talk to speakeasy.net, doesn't it?

+ Reply to Thread