Re: Domain HiJacking by SPAMMERS

From: Jude Naidoo (jude007_at_jnaidoo.fsnet.co.uk)
Date: 01/30/04

  • Next message: Erich Buri: "Looking Propositions for possible research project in IT-Security" 
    To: "Bryan S. Sampsel" <bsampsel@libertyactivist.org>, <saliskor@cyberus.ca>
Date: Fri, 30 Jan 2004 18:35:17 -0000

    The only thing you can do is , as Bryan mentioned, find out via whois what
    the originating IP is and contact their ISP. Then stay on the ISP's case
    until you get some sort of details on the user, if they will let you have
    it. If you do get an email address for the spammer, send them some hate-mail
    threatening legal action.

    It's also good to find out exactly which country the ISP is in and find out
    what the local law is concerning this kind of problem.

    Jude
    ----- Original Message -----
    From: "Bryan S. Sampsel" <bsampsel@libertyactivist.org>
    To: <saliskor@cyberus.ca>
    Cc: <security-basics@securityfocus.com>
    Sent: Thursday, January 29, 2004 7:37 PM
    Subject: Re: Domain HiJacking by SPAMMERS

    > First, using WHOIS, find out who owns the IP blocks.
    >
    > Then, start hounding them.
    >
    > beyond that, I'm not sure exactly what you CAN do. But out-of-country
    > ISPs sometimes respond real fast.
    >
    > Sometimes, they simply ignore you.
    >
    > but, it's a start.
    >
    > Good luck,
    >
    > bryan
    >
    > ======================================
    > Bryan S. Sampsel
    > LibertyActivist.org
    > ======================================
    >
    > saliskor@cyberus.ca said:
    > >
    > >
    > > A client of mine has been having serious difficulties with SPAMMERS
    using
    > > their domain name as a return address for sending spam. The Names are
    > > ficticious, of course, and only a inconvenience due to the NDRs being
    > > returned through the mail system.
    > >
    > > The most serious problem is that the subject of the SPAM could cause a
    > > major public relations problem for the company, since it is mostly
    > > online-drug sales and private enhancements being marketed.
    > >
    > > A thorough check of the mail system and tracing of the original spam
    > > messages confirm that the company's systems are not being used as
    relays.
    > > Most the the messages originate in the Far/Middle east or Europe.
    > >
    > > Any suggestions as to what can be done, or how to handle such a
    situation
    > > would definitely be appreciated.
    > >
    > > Rick
    > >
    >
    > --------------------------------------------------------------------------
    -
    > > Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off
    any
    > > course! All of our class sizes are guaranteed to be 10 students or less.
    > > We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion
    > > Prevention,
    > > and many other technical hands on courses.
    > > Visit us at http://www.infosecinstitute.com/securityfocus to get $720
    off
    > > any course!
    >
    > -------------------------------------------------------------------------- 

    --
> >
>
>
> --------------------------------------------------------------------------
-
> Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
> course! All of our class sizes are guaranteed to be 10 students or less.
> We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion
Prevention,
> and many other technical hands on courses.
> Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
> any course!
> --------------------------------------------------------------------------
--
>
>
>
---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------
  • Next message: Erich Buri: "Looking Propositions for possible research project in IT-Security"

    Relevant Pages

    • Re: Out of my league.....
      ... >> this server inside the network, ... >> noticing these open ports, I also decided to pay more attention to the ... >> We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ... >> and many other technical hands on courses. ...
      (Security-Basics)
    • RE: Windows Remote Desktop
      ... Talk about the ability to transfer company data out... ... >do 'periodically' login to my remote XP workstation and do some work. ... >We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ... >and many other technical hands on courses. ...
      (Security-Basics)
    • RE: Windows Remote Desktop
      ... Subject: Windows Remote Desktop ... WinXP) is a secure enough connection to allow it. ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. ...
      (Security-Basics)
    • Re: Outpost firewall Pro 2.0.238.3121(290) has Back Orifice trojanprogram
      ... I am not certain as I don't have access to a Outpost FW, but it might be a list of common ports, like /etc/services in linux ... 162,SNMPTRAP,SNMPTRAP (Simple Network Management Protocol) ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, ... and many other technical hands on courses. ...
      (Security-Basics)
    • Re: Domain HiJacking by SPAMMERS
      ... Subject: Domain HiJacking by SPAMMERS ... >> We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ... >> and many other technical hands on courses. ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, ...
      (Security-Basics)