[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Spam from this list

Subject: Re: [cobalt-security] Spam from this list
From: "Kevin D" <kdlists@xxxxxxxxxxxxxxx>
Date: Fri, 22 Sep 2000 15:28:51 -0400

Sounds pretty thorough... good show Chris. You are my personal hero for the
day.

All of the humorless individuals who replied with antipathy to chris's
original email are my personal enemies for the day (congratulations, you
have made the list).

Good day.
Kevin

P.S. Could you send me the server's IP address off-list? I'd like to see if
I can't hack the system myself and show the little bastard who's boss ;-)

P.P.S. The views expressed in this email are not necessarily those of any
organization associated with the author.

> The person who spammed me has a porno site hosted in the UK and with a
> domain name registered out of Australia.  However, he has accomplices in
the
> US that run a 900 service, so tracking this individual or group will be
> difficult.  As far as I can tell, this spammer is running yet another scam
> site trying to get you to call 900 numbers to disenroll from a porno
e-mail
> list.  In case you aren't familiar with this scam, a spammer sends raunchy
> messages to hopefully your work email address.  The only way to stop it is
> to call a 900 service to remove yourself from the list.  The scammer then
> pads the 900 charges, knowing you are unlikely to complain.  The really
> nasty ones ask for a credit card number as well before your call can go
> through.    There are no charges I could file unless I participated in
this
> obvious fraud.
>
> I have complained to the spammer's ISP.  In many cases, I have
successfully
> stopped spam by shutting down the spammer's web site and/or e-mail account
> by notifying the ISP.  So far, this person's ISP has not responded.  I
have
> found European and Asian ISPs to be very uncooperative with respect to
spam.
>
> I *did* not break into any machine. I did the following:
>
> Ran traceroute, ping, and nslookup to narrow hostnames, services, ip
> addresses, etc.
> Checked out registered domain names.
> Sent mail to postmaster@<naughtyhost>.com to see who replied.
> Attempted to Telnet so I could see what OS and kernel were on the other
end.
> Tried to FTP to see what was available through anonymous FTP.
> Tried some admin URLs to confirm that the host was a Cobalt Raq 3.
> Performed a few web searches to look for more info.
> I did find a person on this list with a domain that traced back to the
same
> host.  However, I don't want to reveal who it is unless I can prove this
> person is the culprit.  I sent an e-mail to this individual, and have not
> heard back.
>
> I did nothing illegal!!!!
>
> Again, please accept my apologies.
>
> Chris
>

References:
- RE: [cobalt-security] Spam from this list
  - From: Chris Weiss

Prev by Date: Re: [cobalt-security] Spam from this list
Next by Date: Re: [cobalt-security] Spam from this list
Previous by thread: Re: [cobalt-security] Spam from this list
Next by thread: RE: [cobalt-security] Spam from this list

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index