Malicious IP being blocked? Spreading Mozi-elf-worm.

Re: https://urlhaus.abuse.ch/url/297962/ because of downloading “elf”.
See: https://www.shodan.io/host/218.21.170.6
Telnet vulnerability: https://www.hackingarticles.in/penetration-testing-telnet-port-23/
Re: https://www.techrepublic.com/article/protect-your-network-from-this-telnet-vulnerability/
See various abuse attempts: https://viz.greynoise.io/ip/218.21.170.6
Detecting solutions: https://www.virustotal.com/gui/url/b8aee68c7ba0b01e1cf6381ff46711732d0176d73b27c936426d15b4058c5646/detection
Detected URLs: https://www.virustotal.com/gui/ip-address/218.21.170.6/relations

pol

Port 8088

Hikvision DVR
HTTP: Support Methods: OPTIONS TRACE GET HEAD POST PUT DELETE

We can see though through a simple test that PUT is not a permitted option.

HTTP/1.1 405 Method Not Allowed
Date: Sun, 26 Jan 2020 07:34:57 GMT
Server: App-webs
Content-Length: 228
Content-Type: text/html
Connection: close

Document Error: Method Not Allowed

Access Error: 405 -- Method Not Allowed

Method PUT not supported by file handler at this location

SSH, Telnet and FTP all appear to be invulnerable to exploits and banner grabbing. MSFConsole (Metasploit’s) modules failed, as did manual attempts to connect.

Edit: DELETE fails as well.