We all know the POS spammer from Togo Africa. Here is the latest intel on the dumbass:
The Togo Spammer should be considered armed and dangerous - armed with bow and rubber arrows, blow-gun without the gun, and a bad case of diaper rash.
If you see this spammer, call your local authorities and give this little shit a bath. And, Oh Yeah, bitch-slap the dumbass.
Took a few days off for the 4th of July and thought I would come back and check the logs to see if the same old tired crap had finally stopped. Nope.. What makes this so bad is there isn’t even any bandwidth being used. I have the site set so 403 errors submit no bandwidth.
Everything from Code injection to trying to get the htpasswd file. Sad part of that is the password file isn’t even in the root directory - it’s a few stories above it.. The same goes with the log files - well above the root directory so none of the search engines can even get to it - so referrer spammers just get dickslapped on that too..
Oh well…
I’m working on another article that’ll be posted very soon. Not about the hack attempts or even spam attempts, this is more of a self-help type post…
** warm and fuzzy mode START **
Hope everyone had a great 4th of July yesterday!
** warm and fuzzy mode END **
Another fresh batch of dumbasses to shitcan
Just point fingers and laugh at ‘em….
Blacklist file to downlaod:
|
download: 06-28-2008_Blacklisted.txt (22.38KB) added: 28/06/2008 clicks: 9 description: June 28, 2008 - A Fresh batch of dumbasses to blacklist for hacking. Shitcan 'em All |
Has anyone EVER said these people are smart????
The rest of the dumbasses are here: Blacklist Downloads
Technorati Tags: hacking, hackers, blacklisted, blacklist
Are these guys REALLY that stupid??
It’s been almost a month now of 403 errors and the kiddie-script jockeys are still beating their puds against a brick wall…
They went from libwww-perl to trying to use token to gain access. I even saw a few trying to use FTP!
Oh well…
Today’s Lame Botnets:
Yep, on purpose, I didn’t post anything for a few days just to see something and I got confirmation that these idiots are still stupid…
06-23-2008_Blacklisted.txt file was just added for download.
Anyone notice where the majority of the hack attempts are coming from???
Blowhost, LayeredshiTologies and The(dumbass)Planet come to mind right off the bat..
I stopped posting for a few days but kept adding the blacklist files for download. All the information is there - networks and reverse DNS lookups. There are only a few that the actual attempts are coming from - usually either by zombie machines or by spoofing IP addresses.
-
Here are list of IP ranges for Proxy Servers and TORs to block.
If you are like most of us; you see the majority of spam coming from proxy servers
This is a pretty long list and I will TRY to keep it updated. I won’t be adding the Port so using the proxy might take a little Work to find.
|
|
download: Proxy and TOR List To Block (25.83KB) added: 15/06/2008 clicks: 13 description: Proxy and Tor ranges to block access by |
Anyone ever find out if AmazonWS is associated with Amazon .com?
I know it comes up as owned by Amazon .com, Inc. But I remember something about this network from a couple other blogs too; as in being part of, but not.
It changed it’s user-agent today to a human user-agent - which seems a little odd in itself.
I’m going to do things a little different on the blacklisted files now.
Instead of posting everyday or every few days the day’s blacklisted txt files, I’ve added a download page so that anyone can drive by and download the file.
The file will have both sections - the actual hits that the hacks came from and the 2nd section will have the Hostname, IP, Reverse DNS, and etc.. like the other “_Blacklisted.txt” files.
If you click on the “All Pages” tab at the top of the blog, you’ll come up with all the various pages of the blog (I did this to keep from having too many pages listed at one time on the side of the blog).
In the All Pages page, you’ll see the “Blacklist Files” page.
An increasing number of Muslim women in Europe are having surgery to create the illusion of virginity.
My Comment:
What the HELL!?!?!?!? I Think Illusion is the KEY Word!
A post on the castlecops security list provides details that an attacker, potentially compromised thousands of sites using a CSS/XSS vulnerability and pointed them all to a porn site! So the next time you search something on these sites, you might get an unexpected screen choc-a-block with porn 
My Comment:
You’d think that’s the only sites hackers know…….
A California hacker pleaded guilty to launching a computer attack last year that almost knocked the Castlecops anti-phishing Web site offline.
My Comment:
What do you think will happen? A Slap on the wrist?
Until recently, SPAM email from off-campus but appearing to come from a calpoly.edu address bypassed this filtering process.
My Comment:
Even thought this is for Cal-Poly; there are some good “heads-up” in this article
read more | digg story
Another day, another set of blacklisted domains and networks..
Some have finally figured out that the site doesn’t use Subdreamer - Some.. Not all; most are like a blind man humping a door-knob and since there were so many blind door-knob humpers; I’m only going to use the IP addresses in the post, but will still have a text file at the end of the post with ALL the information.
Now,, I’m not stupid enough to think these aren’t spoofed addresses.. But, it still gives you a list of addresses, ranges, and networks to remove access from or limit access.
I’m writing this post a little early tonight since I’ve got a few other things to do a little later on and a few other sites to go over for a few people; but it’ll show up around mid-night or so.
Once it posts and since “Subdreamer” is mentioned; there will be just as many dry-humping dumbasses as there are tonight…
June 9, 2008 Blacklisted ,,, ummm,, list..
A few new ones and a few old ones.. Problem is; none of them seem to have noticed that the hacked server accounts they are pointing the scripts to are working. They were disabled over the weekend… 
I received back answers from the networks and owners of the networks I emailed during the weekend. All of them disabled the accounts which the hackers were using the scripts from. I guess they’ll have to take 5 minutes out of their day to copy another script to another hacked server account.. Maybe LiquidWeb??
Does Anyone still let .privatedns access their site??? How about .dreamhost??
Blacklist text file is at the end of the post.
The attack marked the third time that a Web site hosted by Liquid Web has been hijacked by al-Qaida hackers. “It’s obvious they’ve found a backdoor,” Josh Devon, an analyst at the SITE Institute, said.
My Comment:
Anyone Really Shocked about this???
06/28/2008 Dumbasses to blacklist and laugh at | A Daily Rant on Blacklist FilesBlacklist Downloads | A Daily Rant on Blacklist FilesMay 2008 Blacklisted | A Daily Rant on 06-07-2008 Blacklisted
willmacc on A Daily Rant Endingwillmacc on A Daily Rant Ending
Loading ...
Digg/willmacc
Friendster/WillMacc
Twitter/willmacc
YouTube/willmacc
Last.fm/willmacc
Del.icio.us/willmacc
Wikipedia/willmacc
GMail/WillMacc
coComment/willmacc
Technorati/willmacc
MyBlogLog/willmacc
Blog/WillMacc