ForumPostersUnion.com
|
|||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
| SpamKill.org Intelligence that enables you to fight all types of spam, content scraper crawlers, spam harvesting bots, IP tools, automated server/network software and ASP services are topics discussed. |
 |
|
|
Thread Tools |
|
#1
03-07-2009, 06:16 PM
|
||||
|
||||
|
Spam harvester comment botnet 124.115.1.62
IP 124.115.1.62 is being used by a spam harvester and comment spam mail server operation.
spam harvester mail server bot user agent string list 124.115.1.62 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) inetnum: 124.114.0.0 - 124.115.255.255 netname: CHINANET-SN descr: CHINANET Shanxi(SN) province network descr: China Telecom descr: A12,Xin-Jie-Kou-Wai Street descr: Beijing 100088 country: CN admin-c: CH93-AP tech-c: XC9-AP mnt-by: APNIC-HM mnt-routes: MAINT-CHINANET-SHAANXI mnt-lower: MAINT-CHINANET-SHAANXI remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+ remarks: This object can only be updated by APNIC hostmasters. remarks: To update this object, please contact APNIC remarks: hostmasters and include your organisation's account remarks: name in the subject line. remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+ status: ALLOCATED PORTABLE changed: **********@apnic.net 20060331 source: APNIC route: 124.114.0.0/15 descr: From Shanxi(CHINANET-SN) Network of ChinaTelecom origin: AS4134 mnt-by: MAINT-CHINANET changed: ******@cndata.com 20060707 source: APNIC person: Chinanet Hostmaster nic-hdl: CH93-AP e-mail: *********@ns.chinanet.cn.net address: No.31 ,jingrong street,beijing address: 100032 phone: +86-10-58501724 fax-no: +86-10-58501724 country: CN changed: ******@cndata.com 20070416 mnt-by: MAINT-CHINANET source: APNIC person: Xianghong Cao address: Shanxi provice data communication Bureau address: 185# zhuque Road address: Xi'an city, Shanxi provice 710061 address: CN phone: +8629-523-3633 fax-no: +8629-522-8093 e-mail: ****@public.xa.sn.cn nic-hdl: XC9-AP mnt-by: MAINT-NULL changed: ************@263.net 19990409 source: APNIC
__________________
Real Estate Stock and Mutual Fund Investing~Julia Roberts Photos ~Shakira Fan Forum~Web Development Opportunities 
|
|
#2
10-24-2009, 12:00 PM
|
||||
|
||||
|
Thanks for the info. This host was hitting random paths on my server, raising a lot of suspicion.
|
|
#3
10-24-2009, 12:02 PM
|
||||
|
||||
|
We were forced to install a central firewall, but open proxy IP's and new spam bot IP's that are not in any Databases yet get past it, so you still have to watch your logs and the IP's and user agents hitting your servers.
__________________
Real Estate Stock and Mutual Fund Investing~Julia Roberts Photos ~Shakira Fan Forum~Web Development Opportunities
|
|
#4
10-28-2009, 11:42 AM
|
||||
|
||||
|
Wow this bot is dumb. It's one of the ones that keeps going after you blacklist it.
|
|
#5
10-28-2009, 12:06 PM
|
||||
|
||||
|
Yeah, they never quit knocking on the door, many of these spam bots keep hitting even after being banned, they just see no permission error message until the morons take your URL out of the system, I guess the smart comment spam bot operators have automatic scripts that simply move the bot to a new proxy IP if they keep hitting on your URL.
__________________
Real Estate Stock and Mutual Fund Investing~Julia Roberts Photos ~Shakira Fan Forum~Web Development Opportunities
|
|
#6
11-08-2009, 12:00 PM
|
||||
|
||||
|
This is without a doubt the most persistent bot I've come across. I shot a message to anti-spam@ns.chinanet.cn.net for whatever good that will do.
|
|
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
|
|
All times are GMT -7. The time now is 04:59 AM.