North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: WARNING: Whois mining operation (probably spam related).
On Sun, Feb 03, 2002 at 02:34:46AM -0600, [email protected] said: > > Starting about 6am eastern time, we began getting several hundred hits per > second from IP address 220.127.116.11 to our WHOIS server. > > It appears that they were running a rather well endowed dictionary against > the database. > > Beware - these are spammers (I know the address very well). Check your logs > if you have any email servers or whois databases. > > This is a jerk from England who is a known fraudster. ==== [[email protected]:~]$ whois -r 18.104.22.168 <snip> descr: Please forward abuse issues descr: to [email protected] <snip> ==== http://help.blueyonder.co.uk/rules/aup.html If this guy is obviously spamming, or data mining in preparation for spamming, it seems that blueyonder.co.uk could be contacted to have his access yanked. Failing that, cableinet.net could be contacted to have blueyonder.co.uk yanked. Of course, you may have already tried this and received little/no cooperation. *sigh* -- Scott Francis [email protected] [home:] d a r k u n c l e . n e t Systems/Network Manager [email protected] [work:] t o n o s . c o m GPG public key 0xCB33CCA7 illum oportet crescere me autem minui