monit
Closed Thread
Page 1 of 4 123 ... LastLast
Results 1 to 15 of 50

Thread: Spammers' IPs - Time to Fight Back

  1. #1
    Join Date
    Sep 2006
    Posts
    1,653

    Spammers' IPs - Time to Fight Back

    This thread will be constantly updated, so check back every once in a while.

    Here is a list of the IPs of many (if not all) of all the spammers of our forums. By spammers, I mean the people who use just post a whole bunch of links, or some stuff not related to anything to do with computers/technology.

    Feel free to try/do what you want with these IPs. I think these spammers deserve a bit of their own medicine, or worse. I'm not too sure that we can really do anything with these IPs, but who cares, we might as well try. Without further ado, here is the spammers' IP list (and their hostnames). I would give more information, but that would take a loooong while.

    ----------------------------------------
    The IP Address is: **5.2.**4.2. The host name is: livani-ap.livani.net.microlink.lv.
    The IP Address is: 62.*4*.52.248. The host name is: ns.km2**57-04.keymachine.de.
    The IP Address is: 65.2*.56.246. The host name is: CPE-65-2*-56-246.wi.res.rr.com.
    The IP Address is: 68.*78.207.*2*. The host name is: ip-68-*78-207-*2*.ip.secureserver.net.
    The IP Address is: 58.65.2*7.*6*. The host name is: 58-65-2*7-*6*.myrdns.com.
    The IP Address is: 2**.*77.*2*.**. The host name is: pix*-nat-vlan*0.mts-nn.ru.
    The IP Address is: 67.85.*2*.5. The host name is: ool-4*558*05.dyn.optonline.net.
    The IP Address is: **.*24.*7.*22. The host name is: *22-*7-*24-**.pool.ukrtel.net.
    The IP Address is: 8*.207.2*6.240. The host name is: point.lealta.ru.
    ----------------------------------------

    Alright, I'm out for the night, this is pretty tiresome. But don't worry, this thread will constantly be updated.
    Last edited by Moonbat; 03-16-2007 at 07:42 PM. Reason: Note to Self: Start again at thread with title starting with 'Hardcore'

  2. #2
    Join Date
    Sep 2006
    Posts
    1,653
    Reserving for future use

  3. #3
    Join Date
    Sep 2005
    Posts
    2,054
    These IP addresses are mostly going to be in use by new ISP accounts now, so I think a good idea would be to put the spammer's username, IP address and time of spam on each row instead of just scanning and attempting to exploit/DoS attack them (or whatever anyone plans to do with them). This way we prevent people doing anything to IP addresses that have long since been re-assigned, and we keep a record of which IP address was tied to which username at a certain time.

    I strongly disagree with those that contact police over forum postings (the Internet isn't for anyone to regulate and free speech should remain), but if the spam was pertaining to criminal activities (e.g. ****** card fraud), the forum would then have a record of the perpetrators' actions and IP address.

  4. #4
    Join Date
    Nov 2004
    Posts
    16
    Good luck with fight back but i'm not sure of it will help at all.

    Mostly of them use proxy servers, they never take a look into any forums because they use automatic submission software that allow them to submit post to *000 forums using weakness of forums (phpBB, vbuletin, Invision Power ***rd etc...).
    The best thing is to install some mods that will fight against it.
    Because i run phpBB can not help a lot with vbulletin but they have for sure some mods that will help fight back.
    [URL="http://www.proxyblind.org"]Free Proxy[/URL] | [URL="http://www.proxyserverprivacy.com"]Proxy Server[/URL] | [URL="http://www.ipaddresslocation.org"]Ip Address[/URL] | [URL="http://www.proxyblind.org/list.shtml"]Proxy List[/URL] | [URL="http://www.bearplanet.org"]Polar Bear[/URL]

  5. #5
    Join Date
    Sep 2006
    Posts
    1,653
    Well, the web****** hasn't gotten on in a long while, so I doubt our vBulletin run forums will get any new mods anytime soon.

    mike, would posting the hostname of the spammer help? Posting each username is tiresome, and especially with the amount of spam we get, I'd hate to be the one to undertake it, but I guess I can if it'll help stop the spam.

  6. #6
    Join Date
    Sep 2005
    Posts
    2,054
    Well, the web****** hasn't gotten on in a long while, so I doubt our vBulletin run forums will get any new mods anytime soon.
    Isn't D. Parker the web******? Even if he's not, I'm sure vBulletin would have an automated way of installing mods.

    mike, would posting the hostname of the spammer help? Posting each username is tiresome
    The hostname is still usually changed along with the IP address, so unless it uniquely identifies an ISP subscriber, it wouldn't really help.

    and especially with the amount of spam we get, I'd hate to be the one to undertake it, but I guess I can if it'll help stop the spam.
    I suppose truthfully this forum needs 4-5 moderators to do tasks like this, but if they installed certain mods we would at least lose the bot-spam.

  7. #7
    Join Date
    Sep 2006
    Posts
    1,653
    D.Parker is a forum admin, but not the web******. According to him, the web****** isn't registered on the forums.

  8. #8
    Join Date
    Nov 2004
    Posts
    16
    Web****** need to wake up and to install probably a couple mods that will fight against spamming.
    Captcha by registering, captcha by first post for new member, disabling of posting links until you have 5 post, extra simple question (required to answer) by registering etc... are just for example that will reduce spamming this ***rd for **&#*7;.
    It is for sure seriously problem and i know that web****** of some ***rd decided to close their ***rd because they feel helpless against spam.

    btw

    Posting ip address or hostnames will not help against spamming.As i told you they even do not look into ***rds and do not care because they use automated forum posting tools.That's are so advanced tools that they can read captcha and do many other things but web****** still can do a lot to prevent spamming.
    [URL="http://www.proxyblind.org"]Free Proxy[/URL] | [URL="http://www.proxyserverprivacy.com"]Proxy Server[/URL] | [URL="http://www.ipaddresslocation.org"]Ip Address[/URL] | [URL="http://www.proxyblind.org/list.shtml"]Proxy List[/URL] | [URL="http://www.bearplanet.org"]Polar Bear[/URL]

  9. #9
    Join Date
    Sep 2005
    Posts
    2,054
    Quote Originally Posted by Make View Post
    Web****** need to wake up and to install probably a couple mods that will fight against spamming.
    Captcha by registering, captcha by first post for new member, disabling of posting links until you have 5 post, extra simple question (required to answer) by registering etc... are just for example that will reduce spamming this ***rd for **%.
    Not really; most CAPTCHAs have weaknesses which make them useless in preventing automated activity. If I remember correctly, the vBulletin CAPTCHA can be beaten *00% of the time. PHPBB is similarly vulnerable.

    In the same place I read about this, the research showed that only a few online services had CAPTCHAs that worked. Here's the link:

    [url]http://sam.zoy.org/pwntcha/[/url]

  10. #10
    Join Date
    Mar 2007
    Posts
    3
    Quote Originally Posted by mike*0* View Post
    Not really; most CAPTCHAs have weaknesses which make them useless in preventing automated activity.
    Don't knock it until you have tried it personally. I manage many websites with forums and used to have trouble with spammers, after I installed a decent CAPTCHA my automated spam posting was completely eliminated, the trick is to not use the default CAPTCHA's that come with the software, the spammers have cracked those and will continue to crack them because they know most people will use the default CAPTCHA.

    It's sad that the owners of [url]www.all-nettools.com[/url] have giving up fighting the spam in their forums, it really does reflect on their business image, I hope they take charge and eliminate this spam problem here because I really like and use this site alot and I know alot of other people do too. It will take some time and effort to clean up and eliminate the spammers here but it can be done.

    Another point is the forums here will need more than a good CAPTCHA to fight and win this battle, there are a couple other things they need to do (of which I will not go into here because the spammers will be reading this) that will eliminate **.**&#*7; of the problems. The last .0*% will be the spammers who get aggravated and do the dirty work by hand but if your on the ball and delete those post as fast as they post them they will soon give up because its not worth their time.

    Yes, you too can stop being the spammers bitch, if you just fight back for a little while. Anything worth keeping is worth fighting for.

    EDIT:
    Those IP addresses that Moonbat posted are a good start, but the smart thing to do with them is to look up the entire IP range assigned to each address and then block those IP ranges from even having access to this site, its very easy to do by adding that info to a .htaccess file or even editing the web servers httpd.conf file.
    Last edited by softbaked; 03-17-2007 at 11:48 AM.

  11. #11
    Join Date
    Sep 2006
    Posts
    1,653
    Some of the IP addresses here (and in other spam) don't look like proxies, but actual assigned IPs. If we block those ranges, some real visitors might not be able to access the forums.

  12. #12
    Join Date
    Mar 2007
    Posts
    3
    Quote Originally Posted by Moonbat View Post
    Some of the IP addresses here (and in other spam) don't look like proxies, but actual assigned IPs. If we block those ranges, some real visitors might not be able to access the forums.
    True but the majority of those IP ranges are from countries like Russia, blocking those are a no brainier, the ones that map back to USA are obviously compromised pc's (i.e. zombies for the spammers, your doing everybody a favor by reporting this). What you do with those is report that IP address with a date and time to the ISP noting that the user is promoting drugs and pornography illegally (with links to the crime). I've had great success with this method, with a little leg work and some smarts you can beat this.

    Also if someone is using a proxy server to post or register here they should be blocked (another easy thing to do). You should let people read the forums or surf the site with a proxy if they want but this forum is innocent and there should be no reason to hide who you are if your posting or registering unless.... you do have something to hide..... like mayby the fact you are a scumbag spammer.

    Proactive steps like this will not effect your legitimate users and will be transparent to them, the only people who will feel the pinch will be the bad ones.

  13. #13
    Join Date
    Sep 2006
    Posts
    1,653
    Well, those are all good s***estions, but the fact of the matter is, I'm just a mod, I don't have any power over blocking IPs, installing mods, etc.

    I'll contact the admin, who'll contact the web******.

  14. #14
    Join Date
    Nov 2004
    Posts
    16
    Quote Originally Posted by mike*0* View Post
    Not really; most CAPTCHAs have weaknesses which make them useless in preventing automated activity. If I remember correctly, the vBulletin CAPTCHA can be beaten *00% of the time. PHPBB is similarly vulnerable.

    In the same place I read about this, the research showed that only a few online services had CAPTCHAs that worked. Here's the link:

    [url]http://sam.zoy.org/pwntcha/[/url]
    I have mention a couple things that will make spammers life harder. Not only captcha. If you make combos of all of them it will reduce spamming to *% on this ***rd.
    [URL="http://www.proxyblind.org"]Free Proxy[/URL] | [URL="http://www.proxyserverprivacy.com"]Proxy Server[/URL] | [URL="http://www.ipaddresslocation.org"]Ip Address[/URL] | [URL="http://www.proxyblind.org/list.shtml"]Proxy List[/URL] | [URL="http://www.bearplanet.org"]Polar Bear[/URL]

  15. #15
    Join Date
    Sep 2005
    Posts
    2,054
    Quote Originally Posted by softbaked View Post
    Don't knock it until you have tried it personally. I manage many websites with forums and used to have trouble with spammers, after I installed a decent CAPTCHA my automated spam posting was completely eliminated, the trick is to not use the default CAPTCHA's that come with the software, the spammers have cracked those and will continue to crack them because they know most people will use the default CAPTCHA.
    I've run several forums and what I found is most CAPTCHAs can be programatically defeated, but when you don't use the default settings, you tend to lose the spammers (unless the mod is well-known). They write their spamming software for the default forum settings. So most of the time it's not the CAPTCHA that prevents spam, but the variation from the widely-deployed settings. One change to the login system of a forum can be enough to lock out spammers until this change becomes used widely enough for it to be worthwhile for them to build support for these changes into their programs. So pretty much what you said .

    It's sad that the owners of [url]www.all-nettools.com[/url] have giving up fighting the spam in their forums, it really does reflect on their business image, I hope they take charge and eliminate this spam problem here because I really like and use this site alot and I know alot of other people do too. It will take some time and effort to clean up and eliminate the spammers here but it can be done.
    One of the admins recently has re-appeared and has pledged to fight the spam; I haven't seen much change as of yet though.

    EDIT:
    Those IP addresses that Moonbat posted are a good start, but the smart thing to do with them is to look up the entire IP range assigned to each address and then block those IP ranges from even having access to this site, its very easy to do by adding that info to a .htaccess file or even editing the web servers httpd.conf file.
    It would work in theory, but rejecting a whole block of ISP ********s based on one (potentially unwilling zombie) spammer could be something the admins object to.

    noting that the user is promoting drugs and pornography illegally (with links to the crime)
    There's nothing illegal about promoting porn or drugs, and I don't think we can really call spam a crime. At least on this scale.

    I suppose the ISP of a user would probably cancel a user's account because of this though, and that's what we want.
    Last edited by Ezekiel; 03-17-2007 at 02:53 PM.

Closed Thread

Similar Threads

  1. Fake links provided by spammers/ IRC Channel
    By Gotharious in forum General discussion
    Replies: 11
    Last Post: 03-04-2008, 04:44 AM
  2. Help me fight a attack on my site
    By island in forum Internet Privacy
    Replies: 3
    Last Post: 08-28-2007, 06:36 AM
  3. I'm back
    By Ezekiel in forum Internet Privacy
    Replies: 2
    Last Post: 08-21-2007, 09:27 PM
  4. I need YOUR help to fight spam!
    By Halla in forum Internet Privacy
    Replies: 0
    Last Post: 08-07-2006, 12:59 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts