: Spam Warrior :
: Here's what turned up in my queries. I've highlighted
: bits again.
: You'll want to look through the Whois and the IP Block information to see
: what ISP the spammer is using (assuming the IP address wasn't spoofed).
: Here, the top highlight tells me that I'm looking at a spammer in
: that's where the service provider is located that initially forwarded
: The bottom highlight shows us the exact IP address of that forwarding
: The double reference for the IP Block look-up means that two parties
: as 'owning' that range of IP addresses. We're going after the second
: because the machine just upstream from our target is from that domain
: Another point worth mentioning is that if the Traceroute returns a "* *" for any
: hops across the network, that means that the machine at that hop is
: responding to Traceroute. That's either because it's mis-configured
: set to ignore Traceroutes (possibly), or isn't connected to the network
: modem connection). The latter can be frustrating, but do a look-up
: last solid IP address logged - a lot of times, that will be their
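The paragraph above says to run a look-up on the last solid IP address when later hops come back as asterisks. As an added example (not from the original page), this Python code finds that hop in Unix-style `traceroute` output, counting a hop as solid if at least one probe answered. The sample trace is constructed with documentation-range addresses, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample (documentation-range addresses), Unix traceroute layout.
SAMPLE = """\
traceroute to 203.0.113.77 (203.0.113.77), 30 hops max, 60 byte packets
 1  gw.example.net (192.0.2.1)  1.102 ms  0.981 ms  1.010 ms
 2  core1.example.net (198.51.100.9)  8.4 ms  8.1 ms  8.3 ms
 3  * * *
 4  border.isp.example (198.51.100.130)  182.0 ms * 185.7 ms
 5  203.0.113.1  190.2 ms  191.0 ms  189.8 ms
 6  * * *
 7  * * *
"""

def hop_address(fields):
    """Return the first token that is a valid IP address, or None if all probes timed out."""
    for token in fields:
        try:
            return str(ipaddress.ip_address(token.strip("()")))
        except ValueError:
            continue  # "*", hostnames, round-trip times, "ms"
    return None

def parse_hops(text):
    """Return [(hop_number, ip_or_None), ...], skipping the header and blank lines."""
    hops = []
    for line in text.splitlines():
        fields = line.split()
        if fields and fields[0].isdigit():
            hops.append((int(fields[0]), hop_address(fields[1:])))
    return hops

def last_solid_hop(text):
    """Return (hop_number, ip, silent_hops_after) for the last hop that answered, or None."""
    hops = parse_hops(text)
    answered = [(n, ip) for n, ip in hops if ip is not None]
    if not answered:
        return None
    n, ip = answered[-1]
    silent_after = sum(1 for h, addr in hops if h > n and addr is None)
    return n, ip, silent_after

if __name__ == "__main__":
    hop, ip, silent = last_solid_hop(SAMPLE)
    print(f"Last hop that answered: #{hop} {ip} ({silent} silent hops after it)")
    print(f"Run the Whois / IP Block look-up on {ip}")
```

A silent hop in the middle of the trace (hop 3 in the sample) does not end the search; only the address of the final answering hop is returned.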
: Since we didn't get any contact information with this sweep, we'll have to dig
: a little deeper; what I'm looking for is an email address to send
: to regarding system abuse.
: Another point worth making is that in some states (Washington,
: it's possible to get money out of this sort of venture. That's right!
: get up to $1,000 a pop, and many spammers will settle out of court
: little less than that. There was a fine article written for the NYTimes
: covers that, and also helped me get started with this business (see
: references on page 3).
: Mr. Spammer, in Chile, with the spam/virus :
: Let's find out a little more about Entel Chile S.A. SamSpade will automatically
: enter the appropriate information into a new search page if you click
: the links from the search results page. This time, we want the specific
: info, so we'll use the GeekTools' Whois server as such :
: Here's what it turns up - definitely some good stuff, although it lacks some
: of the conveniences of western telecoms' whois entries, i.e. "firstname.lastname@example.org"
: addresses. It does turn up the address of a technical contact and
: web address. Those are the best way forward if you want to get a response,
: in my opinion. Don't get your hopes up that you'll see immediate results
: after contacting them - ISPs get snowed with complaints, so the best
: can do is to pass along a detailed message and attach the offending
: of mail you're miffed about.
: Now that we know a little bit about whose system is being hijacked to
: proliferate the Hybris worm, we can contact them directly and notify
: as such. Hopefully, they'll get around to fixing the problem. If you
: keep getting spammed, and the ISP is unresponsive, keep bugging
: them about it! Just forward every piece of spam from their system
: their contact person and eventually, you'll get some action. Meanwhile,
: keep a log of all email you send them - if need be, you can get legal
: or political on their ass (which requires a paper-trail).
: Making contact with the Telcos.