discussion of issues affecting the South African Internet industry

Rob | 18 Jan 2005 09:00

anyone else get nailed by these spammers?

<snip>
Date: Mon, 17 Jan 2005 19:13:37 +0200
From: "Tiffany Weaver" <info@...>
To:
Subject: 2000 and THRIVE!
Reply-To: info@...
</snip>

anyone else get hit by this? normally I'd not bother too much, but in this 
case, they hit atleast 10 lists/aliases of ours, many are internal-only, 
and some are either only used for automated messages, or haven't been in 
use in years. I received it to many aliases that are never used on my 
personal systems aswell as work.

waiting for a response from them, just wanting to guage the reach of their 
spamrun from yesterday.

Regards

--Rob

=====================< IOZ >======================
 To unsubscribe, mail <majordomo@...>
with "unsubscribe ioz" in the body of your message
==================================================

Mac Anamourlis | 18 Jan 2005 09:31

Picon

RE: anyone else get nailed by these spammers?

Yeah, we got it too.

Absol Internet Business Solutions (Pty) Ltd
Mac Anamourlis | CEO
www.absol.co.za	
	
Tel: +27-12-365-2142	
Fax: +27-12-365-2271	
Cell: +27-83-264-0666	
	
AbsolPublisher - AbsolStats - AbsolBanners 	

> -----Original Message-----
> From: owner-ioz@... 
> [mailto:owner-ioz@...] On Behalf Of Rob
> Sent: 18 January 2005 10:00 AM
> To: ioz@...
> Subject: [IOZ] anyone else get nailed by these spammers?
> 
> <snip>
> Date: Mon, 17 Jan 2005 19:13:37 +0200
> From: "Tiffany Weaver" <info@...>
> To:
> Subject: 2000 and THRIVE!
> Reply-To: info@...
> </snip>
> 
> anyone else get hit by this? normally I'd not bother too 
> much, but in this case, they hit atleast 10 lists/aliases of 
> ours, many are internal-only, and some are either only used

(Continue reading)

Matthew Tagg | 18 Jan 2005 09:47

Picon

Re: anyone else get nailed by these spammers?

No but I've seen a lot of "Order Status - Tracking number S3395HH" etc going
around

Regards, Matthew

----- Original Message ----- 
From: "Rob" <rob@...>
To: <ioz@...>
Sent: Tuesday, January 18, 2005 10:00 AM
Subject: [IOZ] anyone else get nailed by these spammers?

> <snip>
> Date: Mon, 17 Jan 2005 19:13:37 +0200
> From: "Tiffany Weaver" <info@...>
> To:
> Subject: 2000 and THRIVE!
> Reply-To: info@...
> </snip>
>
> anyone else get hit by this? normally I'd not bother too much, but in this
> case, they hit atleast 10 lists/aliases of ours, many are internal-only,
> and some are either only used for automated messages, or haven't been in
> use in years. I received it to many aliases that are never used on my
> personal systems aswell as work.
>
> waiting for a response from them, just wanting to guage the reach of their
> spamrun from yesterday.
>
> Regards
>

(Continue reading)

Johann Smith | 18 Jan 2005 10:12

Picon

RE: anyone else get nailed by these spammers?

Yes, just cleared 18000 mails from one of our servers

Regards,
Johann

| Johann Smith | ISP Network Administrator | storm |
| T +27 (0)21 442 4200 | F +27 (0)21 447 8044 | www.storm.co.za |

-----Original Message-----
From: owner-ioz@...
[mailto:owner-ioz@...] On Behalf
Of Matthew Tagg
Sent: 18 January 2005 10:48
To: ioz@...
Subject: Re: [IOZ] anyone else get nailed by these spammers?

No but I've seen a lot of "Order Status - Tracking number S3395HH" etc going
around

Regards, Matthew

----- Original Message ----- 
From: "Rob" <rob@...>
To: <ioz@...>
Sent: Tuesday, January 18, 2005 10:00 AM
Subject: [IOZ] anyone else get nailed by these spammers?

> <snip>
> Date: Mon, 17 Jan 2005 19:13:37 +0200
> From: "Tiffany Weaver" <info@...>

(Continue reading)

Ramon Thomas | 19 Jan 2005 11:55

Picon

ebox24

Can someone please let me know if they have managed to unsubscribe from the
ebox24 newsletter? I've tried in vain and need some suggestions.

Thanks
Ramon

-
Ramon Thomas
mailto:ramon@...
http://www.netucation.co.za

Tel/Fax. +27 (011) 4331034
Mobile: +27829407137

"Insist on yourself; never imitate... Every great man is unique." Ralph
Waldo Emerson
http://en.wikipedia.org/wiki/Ralph_Waldo_Emerson

--------------------------------------------------------------
Looking for love in all the wrong places?  Meet your ideal
match at http://www.datingbuzz.co.za/s/a/500
--------------------------------------------------------------

=====================< IOZ >======================
 To unsubscribe, mail <majordomo@...>
with "unsubscribe ioz" in the body of your message
==================================================

Gregory Massel | 19 Jan 2005 12:42

Picon

SAIX ADSL address harvester

Dear SAIX abuse

[cc'ing IOZ because I'm hoping that with a collaborative effort amongst
other ISPs being hit we can trace exactly who this person is]

The following shows activity of a spammer using a SAIX ADSL account.

Please track down the user and have their account terminated and provide
the details to the ISP they subscribe to.

[root <at> groglet] /var/log/exim# netstat -tn|grep 165.165
tcp4       0      0  196.41.30.100.25       165.165.202.126.19637  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19636  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19635 
ESTABLISHED
tcp4       0      0  196.41.30.100.25       165.165.202.126.19634  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19632  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19631  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19629  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19628  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19627  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19626  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19624  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19622  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19621 
ESTABLISHED
tcp4       0      0  196.41.30.100.25       165.165.202.126.19620  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19619  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19618  FIN_WAIT_2
tcp4       0      0  196.41.30.100.25       165.165.202.126.19617  FIN_WAIT_2

(Continue reading)

Abdul Rehman Gani | 19 Jan 2005 12:54

Picon

ADSL bandwidth theft

Hi,

Anyone have info on how the ADSL account/usernames are being obtained  
by bandwidth thieves:-

http://www.itweb.co.za/sections/columnists/doubletake/ 
weidemann041027.asp?S=Telecoms&A=TEL&O=FRGN

http://www.itweb.co.za/sections/internet/2004/0411031243.asp? 
S=Security&A=SEC&O=FRGN

I have a client in this position. Last month he just bought another  
account, but obviously (and expectedly) he is annoyed at having to do  
so again this month. Telkom confirm that the usage has occurred from  
another line but will not proceed further without a case # from SAPS.

I wonder how that are doing this? Where is the weak spot? FWIW I use IS  
accounts.

Abdul

East Coast Access
Tel: 031-566-8080
Fax: 031-566-8010
Web: http://www.eastcoast.co.za

=====================< IOZ >======================
 To unsubscribe, mail <majordomo@...>
with "unsubscribe ioz" in the body of your message
==================================================

(Continue reading)

jc | 19 Jan 2005 13:10

Re: ADSL bandwidth theft

On Wed, 19 Jan 2005, Abdul Rehman Gani wrote:

> I wonder how that are doing this? Where is the weak spot? FWIW I use IS
> accounts.

well, in theory you using saix accounts, as we are currently still a
reseller :)

j.

#include <std-disclaimer.h> - 'save the trees, send an email'

=====================< IOZ >======================
 To unsubscribe, mail <majordomo@...>
with "unsubscribe ioz" in the body of your message
==================================================

Gregory Massel | 19 Jan 2005 13:29

Picon

Re: SAIX ADSL address harvester

Further to this, the spammer/harvester is somewhere in the greater
Pretoria or surrounding areas... close enough to locate and deliver 81339
snail-mails, each addressed from his idea of a valid sender
(someone@...).

Hostname: tbnb-165-202-126.telkomadsl.co.za

Using Telkom Tariffs program to search for the TBNB site details:

Site name: Bronberg
Site code: TBNB
National dialling code: 012
Exchange codes: 343,344,420,421,422,424,426,427,428,429,481,482,483,484,654
Region: North Eastern
Trunk Exchange: TBNB

If anyone has ideas as to how we can trace who this person is, please
share your thoughts.

There are enough spammers in the rest of the world without SA contributing
to the problem.

--Greg

=====================< IOZ >======================
 To unsubscribe, mail <majordomo@...>
with "unsubscribe ioz" in the body of your message
==================================================

(Continue reading)

Anthony Walker | 19 Jan 2005 13:34

Picon

Re: ADSL bandwidth theft

Hi

Some of the problems stem from default passwords being left on ADSL 
modems. I had to change something on a Telkom supplied and installed 
ADSL modem for someone the other day, to be told the username and 
password were root/root.

Although the ISP password is ******** in the html form on the modem, if 
you do a view source on the page its in clear text!!! So easy prey for 
anyone to scan for port 8080 on the 165. ip ranges, login as root/root 
and get the login and password.

Regards
Anthony

=====================< IOZ >======================
 To unsubscribe, mail <majordomo@...>
with "unsubscribe ioz" in the body of your message
==================================================

Group

gmane.org.operators.ioz.

Project Web Page

discussion of issues affecting the South African Internet industry

Search Archive

Page

1 | 2 | 3 | 4

Articles in period: 31

January 2005

Language

Change language

Options

Current view: Threads only / Showing only 20 lines / Not hiding cited text.
Change to All messages, whole messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane

Recent entries

Fwd: [AFRINIC-announce] AFRINIC Board Elections: Call for Nominations (30 Apr 2013)
Aereo wins battle with big networks over right to stream TV online (2 Apr 2013)
Cape Town TV White Spaces trial (28 Mar 2013)
Cape Town TV White Spaces trial (28 Mar 2013)
Cape Town TV White Spaces trial (28 Mar 2013)
Voice spectrum swapped for LTE (25 Feb 2013)
Need help registering a .na domain (13 Feb 2013)
Voice spectrum swapped for LTE (12 Feb 2013)
[AfrICANN-discuss] .ZA and DNSSEC (was: .TZ DS records in root zone) (10 Feb 2013)
Reminder: COZA Legacy Policy changes (11 Jan 2013)
absa za spam (12 Dec 2012)
absa za spam (12 Dec 2012)
ZA phone number allocations (4 Dec 2012)
MWeb technical support number? (27 Nov 2012)
UniForum SA DNS Training courses (23 Nov 2012)
Fwd: [AFRINIC-announce] AFRINIC Member Survey Deadline Extended (19 Nov 2012)
2 laughs for the week (12 Nov 2012)
ZaCon IV announcement (15 Oct 2012)
RIPE NCC now allocating IPv4 address space from the last /8 netblock (15 Sep 2012)
Registration of domains for the sole purpose of Spamming! (4 Sep 2012)
iWeek 2012 -- Cape Town, September 10-14 (27 Aug 2012)

Archives

5	April 2013
8	March 2013
28	February 2013
1	January 2013
34	December 2012
12	November 2012
1	October 2012
2	September 2012
4	August 2012
11	July 2012
2	June 2012
28	May 2012
1	April 2012
2	March 2012
8	February 2012
6	January 2012
12	December 2011
24	November 2011
4	October 2011
5	September 2011
92	August 2011
69	July 2011
32	June 2011
23	May 2011
13	April 2011
22	March 2011
83	February 2011
11	January 2011
4	December 2010
28	November 2010
27	October 2010
10	September 2010
19	August 2010
95	July 2010
9	June 2010
32	May 2010
35	March 2010
27	February 2010
9	January 2010
56	December 2009
76	November 2009
88	October 2009
57	September 2009
28	August 2009
40	July 2009
109	June 2009
231	May 2009
246	April 2009
253	March 2009
271	February 2009
6	January 2009
38	December 2008
52	November 2008
52	October 2008
101	September 2008
137	August 2008
120	July 2008
138	June 2008
16	May 2008
123	April 2008
50	March 2008
87	February 2008
76	January 2008
142	December 2007
51	November 2007
52	October 2007
33	September 2007
205	August 2007
38	July 2007
93	June 2007
78	May 2007
53	April 2007
92	March 2007
40	February 2007
21	January 2007
6	December 2006
81	November 2006
46	October 2006
85	September 2006
160	August 2006
37	July 2006
32	June 2006
11	May 2006
21	April 2006
30	March 2006
27	February 2006
19	January 2006
258	December 2005
197	November 2005
30	October 2005
58	September 2005
38	August 2005
119	July 2005
403	June 2005
163	May 2005
76	April 2005
246	March 2005
122	February 2005
29	January 2005
111	December 2004
155	November 2004
46	October 2004
89	September 2004
54	August 2004
61	July 2004
18	June 2004
89	May 2004
65	April 2004
80	March 2004
72	February 2004
31	January 2004
26	December 2003
50	November 2003
110	October 2003
140	September 2003
76	August 2003
163	July 2003
43	June 2003
74	May 2003
63	April 2003
74	March 2003
75	February 2003
114	January 2003
114	December 2002
99	November 2002
186	October 2002
100	September 2002
148	August 2002
41	July 2002
1	February 2002

Design

Zawodny | Right Menu | Left Menu

Your Own Design

Paste the URL of your CSS below. Download CSS template