overrides-xd: Regular batch of various overrides

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>

diff --git a/overrides/override-xd.txt b/overrides/override-xd.txt
index 0e7e85597c5d86e8e1c1c767644e10f3d8d6cd0a..92c5c3ad15191e969463873cd6fcadf4713fae18 100644 (file)
--- a/overrides/override-xd.txt
+++ b/overrides/override-xd.txt
@@ -172,12 +172,6 @@ remarks:   Bulletproof ISP
 country:       RU
 drop:          yes
 
-aut-num:       AS57416
-descr:         LLC South Internet
-remarks:       Bulletproof ISP
-country:       RU
-drop:          yes
-
 aut-num:       AS57523
 descr:         Chang Way Technologies Co. Limited
 remarks:       Bulletproof ISP
@@ -232,11 +226,6 @@ remarks:   bulletproof ISP (related to AS57717) located in NL
 country:       NL
 drop:          yes
 
-aut-num:       AS59940
-descr:         Kanzas LLC
-remarks:       Rogue ISP
-drop:          yes
-
 aut-num:       AS60424
 descr:         1337TEAM LIMITED / eliteteam[.]to
 remarks:       Bulletproof ISP
@@ -319,12 +308,6 @@ remarks:   IP hijacker located in HK
 country:       HK
 drop:          yes
 
-aut-num:       AS138687
-descr:         Xdeer Limited
-remarks:       Rogue Serverion customer located in NL, tampers with RIR data en masse
-country:       NL
-drop:          yes
-
 aut-num:       AS139330
 descr:         SANREN DATA LIMITED
 remarks:       IP hijacker located somewhere in AP region, tampers with RIR data
@@ -508,12 +491,6 @@ remarks:   Dirty ISP located somewhere in EU, cannot trust RIR data of this networ
 country:       EU
 drop:          yes
 
-aut-num:       AS213010
-descr:         GigaHostingServices OU
-remarks:       Does not appear to host any legitimate infrastructure whatsoever, just mass brute-force login attempts
-country:       PL
-drop:          yes
-
 aut-num:       AS213058
 descr:         Private Internet Hosting LTD
 remarks:       bulletproof ISP located in RU
@@ -538,12 +515,6 @@ remarks:   IP hijacker, traces back to AP region
 country:       AP
 drop:          yes
 
-aut-num:       AS328671
-descr:         Datapacket Maroc SARL
-remarks:       bulletproof ISP (strongly linked to AS202425) located in NL
-country:       NL
-drop:          yes
-
 aut-num:       AS393889
 descr:         EightJoy Network LLC
 remarks:       Most likely hijacked or criminal AS
@@ -568,12 +539,6 @@ remarks:   ISP located in KR, tampers with RIR data
 country:       KR
 drop:          yes
 
-aut-num:       AS399674
-descr:         INTERNET HOSTSPACE GLOBAL INC
-remarks:       Shady ISP located in US, solely announcing "Cloud Innovation Ltd." space - no one will miss it
-country:       US
-drop:          yes
-
 aut-num:       AS400161
 descr:         Academy of Internet Research Limited Liability Company
 remarks:       Mass-scanning, apparently without legitimate intention
@@ -607,36 +572,6 @@ remarks:   Attack network tracing back to NL
 country:       NL
 drop:          yes
 
-net:           103.176.21.0/24
-descr:         GIAP BICH NGOC COMMUNICATION COMPANY LIMITED
-remarks:       Brute-force attack network
-drop:          yes
-
-net:           109.206.241.0/24
-descr:         Serverion B.V.
-remarks:       Leased to Neterra, all cybercrime, all the time
-drop:          yes
-
-net:           111.7.96.0/24
-descr:         China Mobile Communications Corporation
-remarks:       Brute-force attack network
-drop:          yes
-
-net:           114.246.10.0/24
-descr:         China Unicom Beijing province network
-remarks:       Brute-force attack network
-drop:          yes
-
-net:           116.7.245.0/24
-descr:         CHINANET Guangdong province network
-remarks:       Brute-force attack network
-drop:          yes
-
-net:           154.89.5.0/24
-descr:         Agotoz HK Limited
-remarks:       Brute-force attack network
-drop:          yes
-
 net:           185.156.72.0/24
 descr:         TOV VAIZ PARTNER / InterHost
 remarks:       Attack network tracing back to UA