The recent flood to rec.photo.digital, news.admin.net-abuse.email, rec.audio.pro,misc.legal

Discussion in 'Digital Photography' started by admin, Jun 27, 2006.

  1. admin

    admin Guest

    Hello,

    It is with some regret that I am posting here to clarify a problem
    that your newsgroup and I as the administrator of tsbbearings.net are
    experiencing.

    You are seeing a lot of annoying, nonsensical, very rude, explicit
    post with the following headers:

    Organization: TSB Bearings USA
    X-Trace: tsbbearings.net 209.51.186.226
    Original-NNTP-Posting-Host: 209.51.186.226
    X-Complaints-To:
    Lines: 61
    Newsgroups: microsoft.public.test.here,rec.photo.digital
    NNTP-Posting-Host: host32.200-117-180.telecom.net.ar 200.117.180.32

    These posts did not originated for tsbbearings.net.
    The IP in question is one of our web servers and does not accept or
    propagate nntp connections at all. Port 119 is closed.

    The person who is doing this is exploiting a computer that has been
    compromised by a trojan. that computer is on a dynamic IP address that
    belongs to telecom.net.ar. If you would like to compalint to them the
    abuse address is:

    I apologize for the disruption that has inadvertently been attributed
    to my server.
    admin, Jun 27, 2006
    #1
    1. Advertising

  2. Re: The recent flood to rec.photo.digital,news.admin.net-abuse.email, rec.audio.pro,misc.legal

    On Tue, 27 Jun 2006 13:21:12 -0400, admin <>
    opined:
    > Hello,
    >
    > It is with some regret that I am posting here to clarify a problem
    > that your newsgroup and I as the administrator of tsbbearings.net
    > are experiencing.
    >

    I, for one, very much appreciate your courtesy in addressing this
    issue.

    --
    Displayed Email Address is a SPAM TRAP
    Our DNSRBL - Eliminate Spam at the Source: http://www.TQMcube.com
    Don't Subsidize Criminals: http://boulderpledge.org
    SPEWS Delisting FAQ: http://tqmcube.com/spews.php
    David Cary Hart, Jun 27, 2006
    #2
    1. Advertising

  3. On Tue, 27 Jun 2006 13:21:12 -0400, admin <>
    wrote:

    >Hello,
    >
    >It is with some regret that I am posting here to clarify a problem
    >that your newsgroup and I as the administrator of tsbbearings.net are
    >experiencing.
    >
    >You are seeing a lot of annoying, nonsensical, very rude, explicit
    >post with the following headers:
    >
    >Organization: TSB Bearings USA
    >X-Trace: tsbbearings.net 209.51.186.226
    >Original-NNTP-Posting-Host: 209.51.186.226
    >X-Complaints-To:
    >Lines: 61
    >Newsgroups: microsoft.public.test.here,rec.photo.digital
    >NNTP-Posting-Host: host32.200-117-180.telecom.net.ar 200.117.180.32
    >
    >These posts did not originated for tsbbearings.net.
    >The IP in question is one of our web servers and does not accept or
    >propagate nntp connections at all. Port 119 is closed.
    >
    >The person who is doing this is exploiting a computer that has been
    >compromised by a trojan. that computer is on a dynamic IP address that
    >belongs to telecom.net.ar. If you would like to compalint to them the
    >abuse address is:
    >
    >I apologize for the disruption that has inadvertently been attributed
    >to my server.


    Bowtie doesn't do anything inadvertently. You must have said
    something to upset him.

    --
    gburnore at DataBasix dot Com
    ---------------------------------------------------------------------------
    How you look depends on where you go.
    ---------------------------------------------------------------------------
    Gary L. Burnore | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³
    | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³
    Official .sig, Accept no substitutes. | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³
    | ÝÛ 0 1 7 2 3 / Ý³Þ 3 7 4 9 3 0 Û³
    Black Helicopter Repair Services, Ltd.| Official Proof of Purchase
    ===========================================================================
    Gary L. Burnore, Jun 27, 2006
    #3
  4. "Gary L. Burnore" <> wrote in message
    news:e7rq77$k74$...
    > On Tue, 27 Jun 2006 13:21:12 -0400, admin <>
    > wrote:
    >
    >>Hello,
    >>
    >>It is with some regret that I am posting here to clarify a problem
    >>that your newsgroup and I as the administrator of tsbbearings.net are
    >>experiencing.
    >>
    >>You are seeing a lot of annoying, nonsensical, very rude, explicit
    >>post with the following headers:
    >>
    >>Organization: TSB Bearings USA
    >>X-Trace: tsbbearings.net 209.51.186.226
    >>Original-NNTP-Posting-Host: 209.51.186.226
    >>X-Complaints-To:
    >>Lines: 61
    >>Newsgroups: microsoft.public.test.here,rec.photo.digital
    >>NNTP-Posting-Host: host32.200-117-180.telecom.net.ar 200.117.180.32
    >>
    >>These posts did not originated for tsbbearings.net.
    >>The IP in question is one of our web servers and does not accept or
    >>propagate nntp connections at all. Port 119 is closed.
    >>
    >>The person who is doing this is exploiting a computer that has been
    >>compromised by a trojan. that computer is on a dynamic IP address that
    >>belongs to telecom.net.ar. If you would like to compalint to them the
    >>abuse address is:
    >>
    >>I apologize for the disruption that has inadvertently been attributed
    >>to my server.

    >
    > Bowtie doesn't do anything inadvertently. You must have said
    > something to upset him.
    >
    > --
    > gburnore at DataBasix dot Com
    > ---------------------------------------------------------------------------
    > How you look depends on where you go.
    > ---------------------------------------------------------------------------
    > Gary L. Burnore | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³
    > | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³
    > Official .sig, Accept no substitutes. | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³
    > | ÝÛ 0 1 7 2 3 / Ý³Þ 3 7 4 9 3 0 Û³
    > Black Helicopter Repair Services, Ltd.| Official Proof of Purchase
    > ===========================================================================


    Could Lamie have done this?

    --
    GNUEMAIL Postmaster
    postmaster<at>gnuemail.com
    ---
    GNUEMAIL Postmaster, Jun 27, 2006
    #4
  5. Le 27 Jun 2006, "GNUEMAIL Postmaster" <> a écrit :

    > Could Lamie have done this?


    Unfortunately, no, he’s far too stupid.

    --
    My little NANAE hangout: http://etaoin.zapto.org
    To e-mail me KEEP THE ".nospam" portion of my address !!!

    NSA snoop trigger: “When he was a kid, the president of the United Cigar
    Stores liked to kill time by throwing water bombs at anthills”.

    Have you hugged a cat today???
    Etaoin Shrdlu, Jun 27, 2006
    #5
  6. admin

    Dave Cohen Guest

    Re: The recent flood to rec.photo.digital, news.admin.net-abuse.email,rec.audio.pro,misc.legal

    admin wrote:
    > Hello,
    >
    > It is with some regret that I am posting here to clarify a problem
    > that your newsgroup and I as the administrator of tsbbearings.net are
    > experiencing.
    >
    > You are seeing a lot of annoying, nonsensical, very rude, explicit
    > post with the following headers:
    >
    > Organization: TSB Bearings USA
    > X-Trace: tsbbearings.net 209.51.186.226
    > Original-NNTP-Posting-Host: 209.51.186.226
    > X-Complaints-To:
    > Lines: 61
    > Newsgroups: microsoft.public.test.here,rec.photo.digital
    > NNTP-Posting-Host: host32.200-117-180.telecom.net.ar 200.117.180.32
    >
    > These posts did not originated for tsbbearings.net.
    > The IP in question is one of our web servers and does not accept or
    > propagate nntp connections at all. Port 119 is closed.
    >
    > The person who is doing this is exploiting a computer that has been
    > compromised by a trojan. that computer is on a dynamic IP address that
    > belongs to telecom.net.ar. If you would like to compalint to them the
    > abuse address is:
    >
    > I apologize for the disruption that has inadvertently been attributed
    > to my server.
    >
    >
    >

    Is there anyway we can block his posts?
    Dave Cohen
    Dave Cohen, Jun 27, 2006
    #6
  7. admin

    Scott Dorsey Guest

    Re: The recent flood to rec.photo.digital, news.admin.net-abuse.email,rec.audio.pro,misc.legal

    In article <o5hog.1399$%67.355@trndny02>, Dave Cohen <> wrote:
    >Is there anyway we can block his posts?


    1. Ask your ISP to run cleanfeed, or get their feed from someone who does.

    2. Put /^Path:*telecom.net.ar*/ in your killfile.
    --scott

    --
    "C'est un Nagra. C'est suisse, et tres, tres precis."
    Scott Dorsey, Jun 27, 2006
    #7
  8. admin

    Pete D Guest

    "Scott Dorsey" <> wrote in message
    news:e7sbl2$4pd$...
    > In article <o5hog.1399$%67.355@trndny02>, Dave Cohen <>
    > wrote:
    >>Is there anyway we can block his posts?

    >
    > 1. Ask your ISP to run cleanfeed, or get their feed from someone who does.
    >
    > 2. Put /^Path:*telecom.net.ar*/ in your killfile.
    > --scott
    >
    > --
    > "C'est un Nagra. C'est suisse, et tres, tres precis."


    For me I found it a trivial exercise to simply delete them.
    Pete D, Jun 28, 2006
    #8
  9. "Pete D" wrote ...
    > For me I found it a trivial exercise to simply delete them.


    While most of the subject lines were clearly garbage, some of them
    were realistic enought to fool me. The malware writers are getting
    better (unfortunately :-(
    Richard Crowley, Jun 28, 2006
    #9
  10. admin

    Pete D Guest

    "Richard Crowley" <> wrote in message
    news:e7sg6h$bfc$...
    > "Pete D" wrote ...
    >> For me I found it a trivial exercise to simply delete them.

    >
    > While most of the subject lines were clearly garbage, some of them
    > were realistic enought to fool me. The malware writers are getting
    > better (unfortunately :-(


    I am not really sure what the idea of swamping a newsgroup with rubbish but
    I guess they have a reason, they probably just need to take the red pill!
    Pete D, Jun 28, 2006
    #10
  11. admin

    admin Guest

    Re: The recent flood to rec.photo.digital,news.admin.net-abuse.email, rec.audio.pro,misc.legal

    Further information with regard to the abusive messages posted here.

    We have further determined that the posts trojan computer is being
    controlled from a US IP address, 71.244.99.41, a Verizon wireless address as
    well as 71.123.37.227, a Verizon non-wireless address.

    A search has revealed previous posts from an individual to these groups, and
    discussions are underway with administrators at Verizon to determine the
    culprit involved. The trojan looks to have been shut down, however others
    may be in place and so determining the exact source of the abuse is
    continuing.

    If anyone has further additional information we would be happy to receive
    it.


    > Hello,
    >
    > It is with some regret that I am posting here to clarify a problem
    > that your newsgroup and I as the administrator of tsbbearings.net are
    > experiencing.
    >
    > You are seeing a lot of annoying, nonsensical, very rude, explicit
    > post with the following headers:
    >
    > Organization: TSB Bearings USA
    > X-Trace: tsbbearings.net 209.51.186.226
    > Original-NNTP-Posting-Host: 209.51.186.226
    > X-Complaints-To:
    > Lines: 61
    > Newsgroups: microsoft.public.test.here,rec.photo.digital
    > NNTP-Posting-Host: host32.200-117-180.telecom.net.ar 200.117.180.32
    >
    > These posts did not originated for tsbbearings.net.
    > The IP in question is one of our web servers and does not accept or
    > propagate nntp connections at all. Port 119 is closed.
    >
    > The person who is doing this is exploiting a computer that has been
    > compromised by a trojan. that computer is on a dynamic IP address that
    > belongs to telecom.net.ar. If you would like to compalint to them the
    > abuse address is:
    >
    > I apologize for the disruption that has inadvertently been attributed
    > to my server.
    admin, Jun 28, 2006
    #11
  12. On Wed, 28 Jun 2006 14:37:52 +1000, admin <>
    wrote:

    >Further information with regard to the abusive messages posted here.

    Fuckoff, Bowtie.
    --
    gburnore at DataBasix dot Com
    ---------------------------------------------------------------------------
    How you look depends on where you go.
    ---------------------------------------------------------------------------
    Gary L. Burnore | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³
    | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³
    Official .sig, Accept no substitutes. | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³
    | ÝÛ 0 1 7 2 3 / Ý³Þ 3 7 4 9 3 0 Û³
    Black Helicopter Repair Services, Ltd.| Official Proof of Purchase
    ===========================================================================
    Gary L. Burnore, Jun 28, 2006
    #12
  13. admin

    J. Clarke Guest

    Pete D wrote:

    >
    > "Richard Crowley" <> wrote in message
    > news:e7sg6h$bfc$...
    >> "Pete D" wrote ...
    >>> For me I found it a trivial exercise to simply delete them.

    >>
    >> While most of the subject lines were clearly garbage, some of them
    >> were realistic enought to fool me. The malware writers are getting
    >> better (unfortunately :-(

    >
    > I am not really sure what the idea of swamping a newsgroup with rubbish
    > but I guess they have a reason, they probably just need to take the red
    > pill!


    I'd prefer that they take the Black Capsule.

    --
    --John
    to email, dial "usenet" and validate
    (was jclarke at eye bee em dot net)
    J. Clarke, Jun 30, 2006
    #13
  14. admin

    Frank ess Guest

    J. Clarke wrote:
    > Pete D wrote:
    >
    >>
    >> "Richard Crowley" <> wrote in message
    >> news:e7sg6h$bfc$...
    >>> "Pete D" wrote ...
    >>>> For me I found it a trivial exercise to simply delete them.
    >>>
    >>> While most of the subject lines were clearly garbage, some of them
    >>> were realistic enought to fool me. The malware writers are
    >>> getting
    >>> better (unfortunately :-(

    >>
    >> I am not really sure what the idea of swamping a newsgroup with
    >> rubbish but I guess they have a reason, they probably just need to
    >> take the red pill!

    >
    > I'd prefer that they take the Black Capsule.


    Think they'd like a visit from Lt. Dish, do you?
    Frank ess, Jun 30, 2006
    #14
  15. admin

    J. Clarke Guest

    Frank ess wrote:

    > J. Clarke wrote:
    >> Pete D wrote:
    >>
    >>>
    >>> "Richard Crowley" <> wrote in message
    >>> news:e7sg6h$bfc$...
    >>>> "Pete D" wrote ...
    >>>>> For me I found it a trivial exercise to simply delete them.
    >>>>
    >>>> While most of the subject lines were clearly garbage, some of them
    >>>> were realistic enought to fool me. The malware writers are
    >>>> getting
    >>>> better (unfortunately :-(
    >>>
    >>> I am not really sure what the idea of swamping a newsgroup with
    >>> rubbish but I guess they have a reason, they probably just need to
    >>> take the red pill!

    >>
    >> I'd prefer that they take the Black Capsule.

    >
    > Think they'd like a visit from Lt. Dish, do you?


    Well, considering the personality of the average script kiddy, finding
    themselves in the position of having to actually do something with a real
    woman of that quality would be more likely to do them in than the toxin.

    --
    --John
    to email, dial "usenet" and validate
    (was jclarke at eye bee em dot net)
    J. Clarke, Jun 30, 2006
    #15
  16. admin

    Paul J Gans Guest

    J. Clarke <> wrote:
    >Frank ess wrote:


    >> J. Clarke wrote:
    >>> Pete D wrote:
    >>>
    >>>>
    >>>> "Richard Crowley" <> wrote in message
    >>>> news:e7sg6h$bfc$...
    >>>>> "Pete D" wrote ...
    >>>>>> For me I found it a trivial exercise to simply delete them.
    >>>>>
    >>>>> While most of the subject lines were clearly garbage, some of them
    >>>>> were realistic enought to fool me. The malware writers are
    >>>>> getting
    >>>>> better (unfortunately :-(
    >>>>
    >>>> I am not really sure what the idea of swamping a newsgroup with
    >>>> rubbish but I guess they have a reason, they probably just need to
    >>>> take the red pill!
    >>>
    >>> I'd prefer that they take the Black Capsule.

    >>
    >> Think they'd like a visit from Lt. Dish, do you?


    >Well, considering the personality of the average script kiddy, finding
    >themselves in the position of having to actually do something with a real
    >woman of that quality would be more likely to do them in than the toxin.


    I take it as the equivalent of kicking over the privy back
    in the Good Old Days (tm). They do it because they can without
    being punished and relish the fact that we talk about them.

    --- Paul J. Gans
    Paul J Gans, Jul 1, 2006
    #16
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. .
    Replies:
    0
    Views:
    701
  2. Lionel
    Replies:
    16
    Views:
    695
    Ken Tough
    Sep 17, 2004
  3. Woodchuck Bill
    Replies:
    15
    Views:
    531
  4. Woodchuck Bill
    Replies:
    36
    Views:
    774
  5. Dr Wankfest

    Abuse of the Net/Abuse on the Net

    Dr Wankfest, Jul 14, 2006, in forum: Computer Support
    Replies:
    14
    Views:
    629
    Plato
    Jul 19, 2006
Loading...

Share This Page