the connections he has, and how powerful he is
(though I have yet to see proof of this).
So, I'm not exactly sure what to make of this... It could be Peter, and the
mirror of the page I've seen certainly makes it look like something he'd
write. But, could be a joe job too.
--
Brian Bruns
Erm, something is definately up tonight. Message is below, for those of you
who didn't want to touch this message.
I can't get to the site listed in the message, so I have no idea what its
trying to deliver exactly.
Anyone care to comment?
--
Brian Bruns
The Summit Open Source Development
another -
especially not based on IRC logs.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The Abusive Hosts Blocking List
http://www.ahbl.org
On Mon, March 15, 2004 3:21 pm, [EMAIL PROTECTED] said:
Anyone else seeing an error getting to www.cisco.com?
Yep, from AOL, level3, and RoadRunner. All coming back as 403.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
is slow, creating
even more load, and you get the picture. :-)
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The AHBL - http://www.ahbl.org
of the ordinary, but I don't have the most wide view of the Internet from
these routers.
It could also be DoS attacks too.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The Abusive Hosts Blocking List
http
homepage
from a blacklisted IP address, and you'll see what I mean).
When trying to figure out where a problem is, sometimes its good to try from
multiple locations regardless, even if it seems to be a problem specifically
with the server itself.
--
Brian Bruns
The Summit Open Source Development
.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The Abusive Hosts Blocking List
http://www.ahbl.org
the mail while you are offline,
but haven't seen outgoing SMTP services - which is why I asked :-)
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The AHBL - http://www.ahbl.org
something like this out, and expect not to
get themselves sued to the moon and back when it fires a shot at an innocent
party?
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The Abusive Hosts Blocking List
http
On Thursday, March 11, 2004 3:05 AM [EST], Brian Bruns [EMAIL PROTECTED]
wrote:
Sounds like efnet channel wars on a much more interesting scale.
Like I've said in previous posts - do we really want these people having
tools like this? Doesn't this make them the equivelant of 'script
.
When providers dont act on abuse, you have to put the pressure on. Sometimes,
that means forcing their legit customers to start to complain and thow a fit
with their provider over the blocks.
Yes, its ugly and unfair, but thats the only way to get them to act.
--
Brian Bruns
The Summit Open
up on 69.6.21.60.
Wholesalebandwidth is just a front-end for spammers. I've had them
blacklisted for a long time with no ill affects (and alot less spam).
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
with the same error as
if I was trying to contact one of their users. Sooo, you kinda see the
issue.
Thanks
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The Abusive Hosts Blocking List
http://www.ahbl.org
blacklist entry in the AHBL
during the attack didn't get the message through.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The Abusive Hosts Blocking List
http://www.ahbl.org
that I had done the scan,
so I should know what IP she is. Too bad I test over 100,000 IP addresses
daily for open proxies
Lets not even get into the legal consequences for a tool like this, especially
if it backfires and launches an attack against the NIPC, for example.
--
Brian Bruns
connection. This is
also why spammers have 'fronts'. :-)
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The Abusive Hosts Blocking List
http://www.ahbl.org
Anyone happen to know of a contact for Comcast's mail server administrators?
I need to discuss an issue with them about their mail servers mailbombing my
systems from a joe job.
Thanks.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam
operations of ISPs, this is quite an interesting read.
Basically, Microsoft is claiming that security exploits only come out after
patches.
Uh huh, yeah right.
(waiting for his list AUP violation notice, again)
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed
about SiteFinder, I've gone ahead and setup a
discussion list on my server for general talk about SiteFinder. Its
unmoderated, everyone is welcome to signup and post your views.
http://wwwapps.2mbit.com/mailman/listinfo/sitefinder-discuss
--
Brian Bruns
The Summit Open Source Development
On Thursday, February 26, 2004 8:21 PM [EST], Deepak Jain [EMAIL PROTECTED]
wrote:
Doesn't sitefinder give one registry superior access to the registry's
resources than the others, etc, etc?
It gives Verisign/NetSol the ability to generate exclusive profit from the
hijacking of every
and other issues we will have
if they don't get their way.
I have a feeling that I'm going to get whacked for violating the AUP of the
list, but oh well. Truth hurts.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
(fractional T1 support, HDLC, PPP,
FrameRelay, etc). Theres also a 56k dialup backup module which is handy.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The Abusive Hosts Blocking List
http://www.ahbl.org
, enough of my moaning about the problem for now. If anyone has any
real life examples and stories they'd like to share with me so I can add to my
paper on the SiteFinder issue, let me know offlist, and I'll add it.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed
months ago he went on a joe job
spree spamming my home phone number and a dozen other people's.
They are bold, and don't seem to fear anyone. You can keep killing them, and
they don't learn.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam
for this kind of
stuff, and would like to get some feedback as to what others are seeing with
their end users. I have a sinking feeling that when I take the time to file
an official bug report/issue, they will tell me 'reformat and reinstall'.
--
Brian Bruns
The Summit Open Source Development Group
or PaintShop Pro and watch it moan about the format not
being right.
The sudden decrease in quality could be because they turned up the compression
level.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
be stolen off of our gallery site. You'd have to badly
degrade the quality in order to completely destroy the watermarks completely,
as long as you implemented the watermarking correctly in the first place.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed
. OE-Quotefix is somehow barfing
on your message specifically and crashing, so I had to turn it off
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The AHBL - http://www.ahbl.org
- Original Message -
From
to spamassassin gives you the flexability to block alot of spam
without needing to block everything outright.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The AHBL - http://www.ahbl.org
). They are illegal if you use it to bring down
someone's machine though.
Basically, if I were you, I'd turn your firewall's sensitivity WAY down and
only track events that are obviously attempts to hack.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti
:)
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The AHBL - http://www.ahbl.org
Merry Christmas and happy holidays!
Lets hope the coming year is good for everyone
(except the spammers that is :-)
Off I go to help my mother learn how to use the new
digital camera I gave her for christmas!
-- Brian BrunsThe Summit Open Source Development GroupOpen
Solutions For A Closed
Hello all,
I dont suppose anyone here might have a direct contact for the people at
Road Runner in regards to DNS management and/or their abuse desk?
Contact me off-list please. Thanks.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam
or a trusted
source.
Virus filtering is a must, but, alas, not all mail servers filter *outgoing*
mail. Most filter only incoming mail.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
issues with resource usage.
But sometimes, its just right.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The AHBL - http://www.ahbl.org
running it. Not always possible, but who knows.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The AHBL - http://www.ahbl.org
is gone at this point).
In the various places where I've gotten a look at their spam protection,
SpamHaus is very popular, as is SpamCop's BL.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
file and running an exe in it (ala MiMail).
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The AHBL - http://www.ahbl.org
- Original Message -
From: Daniel Roesen [EMAIL PROTECTED
announcement for that customer?
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The AHBL - http://www.ahbl.org
.
:-)
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The AHBL - http://www.ahbl.org
- Original Message -
From: james [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, October 31, 2003 5:00
' willingness to take action
Brian Bruns asserts that there are lots of home users
connecting to their office Exchange servers without VPNs,
and that therefore blocking the Microsoft ports was bad.
While I agree with his point that you shouldn't do it
without documenting what you
via the web based interface. Might be different now.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
ICQ: 8077511
- Original Message -
From: [EMAIL PROTECTED]
To: NANOG [EMAIL
incoming ports, especially to a possible business user or home user trying
to access their office, you put yourself in a really bad position.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
ICQ
Your results look a hell of alot more realistic then what Verisign tried to
get people to swallow at SECSAC.
Too bad they won't take it seriously because its 'obviously biased' :-/
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World
I'm getting nothing but timeouts at this point to any of att's mail servers.
Nothing going through at all.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
ICQ: 8077511
- Original
/Oct/2003:19:47:42 -0500] GET /PAD HTTP/1.1 404 316
- l
ibwww-perl/5.65
68.63.88.173 - - [21/Oct/2003:19:47:42 -0500] GET /pad HTTP/1.1 404 316
- l
ibwww-perl/5.65
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
of these idiots.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
ICQ: 8077511
that something good might come out of this.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
ICQ: 8077511
nothing but blocks of /24
announcements out of a larger /20 or whatever size block that has been
assigned. In fact, it was alot easier for me to handle the network in that
fashion, because I could easily control where traffic for a specific use
came in, etc.
--
Brian Bruns
http://media.icann.org/ramgen/encoder/secsac.rm
Live feed of the meeting.
Having listened to just about 5 minutes so far, Verisign is fudging quite a
bit on how many people like the sitefinder service. Its almost unreal to
hear what they are saying.
--
Brian Bruns
what we
are doing. Its apparent that we are disliked here by some, but hitting below
the belt by going after our provider isn't going to solve anything or change
anything.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam
- Original Message -
From: Matthew S. Hallacy [EMAIL PROTECTED]
To: Matt [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Sunday, October 12, 2003 3:18 AM
Subject: Re: Abuse Departments
Most places will take care of abuse issues if they get to the right
person,
but some places simply won't
- Original Message -
From: Bryan Heitman [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, October 12, 2003 11:33 AM
Subject: Re: Abuse Departments
Would you perhaps have more underlying problems if a script kiddie on a
dialup can attack you in such a way to impact your service?
to connect by hand using telnet results in the mail servers closing
the connection right away without giving a reason. I did however, out of
about 20 tests, got through once and actually got the server's welcome
message.
Any ideas?
--
Brian Bruns
The Summit Open Source Development
- Original Message -
From: [EMAIL PROTECTED]
To: Brian Bruns [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Sunday, October 12, 2003 2:16 PM
Subject: Re: AOL mail server problems?
They're probably blocking you. Have you gotten many scomp complaints
recently?...perhaps a big backlog
- Original Message -
From: Suresh Ramasubramanian [EMAIL PROTECTED]
To: Brian Bruns [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Sunday, October 12, 2003 2:39 PM
Subject: Re: AOL mail server problems?
When it comes to a choice between letting in the ~ 1% of small
- Original Message -
From: Joshua Levitsky
To: Brian Bruns
Cc: [EMAIL PROTECTED] ; [EMAIL PROTECTED] ; Suresh Ramasubramanian
Sent: Sunday, October 12, 2003 3:10 PM
Subject: Re: AOL mail server problems?
What is the PTR record for your mail server? If you don't have one or if
it reads
Title: Message
Tis one of the reasons why I've disabled SMTP AUTH
on all of my servers for now. I've known about this for a few weeks
now. Its not surprising. Most of the servers cracked are Exchange
servers (probably thanks to weak passwords), but I still don't feel like taking
a chance.
://www.2mbit.comICQ:
8077511
- Original Message -
From:
Brian Bruns
To: Bob German ; [EMAIL PROTECTED]
Sent: Friday, October 10, 2003 11:12
AM
Subject: Re: New mail blocks result of
Ralsky's latest attacks?
Tis one of the reasons why I've disabled SMTP
AUTH on all
MessageThis is something I sent to someone offlist. I've strpped out his
name, etc.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
- Original Message -
From: Brian
to be written, and get
people to fill in the blanks?
I know personally I would love to put out a paper, but I have no idea where
to begin.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ
://www.sosdg.org/papers/VSGNWCD.html
I tried to write it as simple as I could in the hopes it might help end
users understand the issues created by the SiteFinder 'service'.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
is sitting on a 1.5/256
business DSL line. I really can't afford to be buying T1s or T3s just to
hold up to attacks like this.
As always, thanks.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ
techs.
Our DSL service isn't bad - in fact it rarely goes down. The problem is
that when we need their help with something out of our league, they are
completely useless. Anyone know of a contact number for SBC/Ameritech that
would be useful in a case like this?
--
Brian
Wish someone who was good with the clue-axe would take a swing at these
dolts.
We all know they are crying babies because their new method of profit was
shut down.
Now, the interesting question will be, how can we prevent them from adding
sitefinder again?
--
Brian
You know who/what this sounds like?
Microsoft.
When smacked down about IE integration and WMP integration, they screamed
bloody murder and claimed freedom of innovation. Exactly what
NetSol/Verisign is doing. Maybe they have the same PR firm?
--
Brian Bruns
The Summit
I got on OK, but I used the web based confirmation method.
Maybe their mail server got flooded?
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
- Original Message
everywhere in the
world. Thats *20* minutes.
Why does it take NetSol 24/48/72 hours to do the same thing?
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
- Original Message
.
*holds up a glass of vodka* Here's to the good guys winning another battle.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
to do that to customers who didn't turn off dynamic dns updates. It
got their attention quick.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
- Original Message -
From
works fine for me.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
- Original Message -
From: Mike Tancsa [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday
.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
- Original Message -
From: mike harrison [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Thursday
This might be helpful to people setting up ACLs and the like:
http://webmaster.info.aol.com/proxyinfo.html
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
- Original
with TLDs,
especially ones as important as .com and .net.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
boundary=.[a-z]{6} and
$message_body matches iframe src=3D.cid:.*height=3D0.*
width=3D0.*/iframe
then
logfile $home/filter.log 0644
logwrite $tod_log - filter: *** Swen.2 *** - sender: $sender_address -
subj$
seen finish
endif
--
Brian Bruns
The Summit Open Source
get K-Mail forWindows, I'd be in good shape.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
- Original Message -
From: David Lesher [EMAIL PROTECTED]
To: nanog list
the time I was on site with a customer when I discovered this. I
always carried a Mac laptop, so I was royally screwed.
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
?
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511
- Original Message -
From: Lou Katz [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, September 17, 2003 9:23 PM
Subject: Route
79 matches
Mail list logo