The major one is botnets through compromised IPTV devices using these networks. We have a pretty small set of users ~4k but some cannot get service without satellite so they use these networks. We can’t distinguish if these are compromised devices from our competitors (or in our problem case, a mobile user from 5 states away brute-forcing services). The ARIN data is very inconsistent and most of them don’t add the local region.
I guess we’ll have to refactor with geo-location. Just wondering if there was an easier way out :P
The major one is botnets through compromised IPTV devices using these networks. We have a pretty small set of users ~4k but some cannot get service without satellite so they use these networks. We can’t distinguish if these are compromised devices from our competitors (or in our problem case, a mobile user from 5 states away brute-forcing services). The ARIN data is very inconsistent and most of them don’t add the local region.
I guess we’ll have to refactor with geo-location. Just wondering if there was an easier way out :P