The recent flood to rec.photo.digital, news.admin.net-abuse.email, rec.audio.pro,misc.legal

Discussion in 'Digital Photography' started by admin, Jun 27, 2006.

  1. admin

    admin Guest

    Hello,

    It is with some regret that I am posting here to clarify a problem
    that your newsgroup and I as the administrator of tsbbearings.net are
    experiencing.

    You are seeing a lot of annoying, nonsensical, very rude, explicit
    post with the following headers:

    Organization: TSB Bearings USA
    X-Trace: tsbbearings.net 209.51.186.226
    Original-NNTP-Posting-Host: 209.51.186.226
    X-Complaints-To:
    Lines: 61
    Newsgroups: microsoft.public.test.here,rec.photo.digital
    NNTP-Posting-Host: host32.200-117-180.telecom.net.ar 200.117.180.32

    These posts did not originated for tsbbearings.net.
    The IP in question is one of our web servers and does not accept or
    propagate nntp connections at all. Port 119 is closed.

    The person who is doing this is exploiting a computer that has been
    compromised by a trojan. that computer is on a dynamic IP address that
    belongs to telecom.net.ar. If you would like to compalint to them the
    abuse address is:

    I apologize for the disruption that has inadvertently been attributed
    to my server.
     
    admin, Jun 27, 2006
    #1
    1. Advertisements

  2. I, for one, very much appreciate your courtesy in addressing this
    issue.
     
    David Cary Hart, Jun 27, 2006
    #2
    1. Advertisements

  3. Bowtie doesn't do anything inadvertently. You must have said
    something to upset him.

    --
    gburnore at DataBasix dot Com
    ---------------------------------------------------------------------------
    How you look depends on where you go.
    ---------------------------------------------------------------------------
    Gary L. Burnore | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³
    | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³
    Official .sig, Accept no substitutes. | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³
    | ÝÛ 0 1 7 2 3 / Ý³Þ 3 7 4 9 3 0 Û³
    Black Helicopter Repair Services, Ltd.| Official Proof of Purchase
    ===========================================================================
     
    Gary L. Burnore, Jun 27, 2006
    #3
  4. Could Lamie have done this?
     
    GNUEMAIL Postmaster, Jun 27, 2006
    #4
  5. Unfortunately, no, he’s far too stupid.

    --
    My little NANAE hangout: http://etaoin.zapto.org
    To e-mail me KEEP THE ".nospam" portion of my address !!!

    NSA snoop trigger: “When he was a kid, the president of the United Cigar
    Stores liked to kill time by throwing water bombs at anthills”.

    Have you hugged a cat today???
     
    Etaoin Shrdlu, Jun 27, 2006
    #5
  6. admin

    Dave Cohen Guest

    Is there anyway we can block his posts?
    Dave Cohen
     
    Dave Cohen, Jun 27, 2006
    #6
  7. admin

    Scott Dorsey Guest

    1. Ask your ISP to run cleanfeed, or get their feed from someone who does.

    2. Put /^Path:*telecom.net.ar*/ in your killfile.
    --scott
     
    Scott Dorsey, Jun 27, 2006
    #7
  8. admin

    Pete D Guest

    For me I found it a trivial exercise to simply delete them.
     
    Pete D, Jun 28, 2006
    #8
  9. "Pete D" wrote ...
    While most of the subject lines were clearly garbage, some of them
    were realistic enought to fool me. The malware writers are getting
    better (unfortunately :-(
     
    Richard Crowley, Jun 28, 2006
    #9
  10. admin

    Pete D Guest

    I am not really sure what the idea of swamping a newsgroup with rubbish but
    I guess they have a reason, they probably just need to take the red pill!
     
    Pete D, Jun 28, 2006
    #10
  11. admin

    admin Guest

    Further information with regard to the abusive messages posted here.

    We have further determined that the posts trojan computer is being
    controlled from a US IP address, 71.244.99.41, a Verizon wireless address as
    well as 71.123.37.227, a Verizon non-wireless address.

    A search has revealed previous posts from an individual to these groups, and
    discussions are underway with administrators at Verizon to determine the
    culprit involved. The trojan looks to have been shut down, however others
    may be in place and so determining the exact source of the abuse is
    continuing.

    If anyone has further additional information we would be happy to receive
    it.
     
    admin, Jun 28, 2006
    #11
  12. admin

    J. Clarke Guest

    I'd prefer that they take the Black Capsule.
     
    J. Clarke, Jun 30, 2006
    #12
  13. admin

    Frank ess Guest

    Think they'd like a visit from Lt. Dish, do you?
     
    Frank ess, Jun 30, 2006
    #13
  14. admin

    J. Clarke Guest

    Well, considering the personality of the average script kiddy, finding
    themselves in the position of having to actually do something with a real
    woman of that quality would be more likely to do them in than the toxin.
     
    J. Clarke, Jun 30, 2006
    #14
  15. admin

    Paul J Gans Guest

    I take it as the equivalent of kicking over the privy back
    in the Good Old Days (tm). They do it because they can without
    being punished and relish the fact that we talk about them.

    --- Paul J. Gans
     
    Paul J Gans, Jul 1, 2006
    #15
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.