Author: H.ServerUpper (22 Dec 13 6:56am)
I get a lot hits from Kansas City Dnsslave.com. As a matter of fact it appears nobody legit comes from there, at least to my sites. I also get quite a few hits from Zhou Pizhong DS also located in Kansas City. Those two ISP seem to be connected. Easy to block these guys because there they do not have relatively too many IP addresses.
When tracking information spreading, one bot finding a hidden file and spreading that info to other bots, the bots from Zhou Pizhong bots give information to bots in China in short order. Also, attacks directly from Zhou Pizhong IPs seem to be from someone from China (same scripts from both Chinese IP addresses and from Zhou Pizhong IP addresses).
How is possible that these ISPs get away with what they do? Heck if I were send a spam blast from my server I would shut down in about 5 minutes (not that I would do this:-). Same thing if attacks came from server.
I think there needs to be more legal pressure put on ISPs to monitor their IP address. Comply with audits or get shut down. Sounds extreme but hey, it's only going worse as the bad guy get more sophisticated with no hope of a solution in the foreseeable future. Going to be a fun 2014 (/sarcasm).
Interesting read on Kansas City Dnsslave.com and Zhou Pizhong: