Nostalgic Rumblings
The Ramblings of an Old Man

If you appreciate the lists and websites, please consider contributing to their maintenance.

Categories

December 2006
S M T W T F S
« Nov   Jan »
 12
3456789
10111213141516
17181920212223
24252627282930
31  

Search:

Contact Webmaster

Links

Meta

  • RSS 2.0
    The main feed; in a news aggrigator, it's the news items, in a podcast client, it's the media files


  • Comments RSS 2.0
    This is the feed for global comments (any comment made to the board); each entry has a seperate comments feed, too

© 2006 L.O.F. Communications;
All Rights Reserved

Times listed are U.S. Eastern

We don't need no much stinkin' CSS...

 
Please Keep These Pages Free; Check Out Our Sponsors by Clicking the Banner!

DVD and Video from Barnes & Noble!

DVD and Video from Barnes & Noble!

 

12/4/2006

I hate spammers…

Filed under: General — Charlie Summers @ 10:25 pm

As most of you know, spam made it yet again into the OTR Digest; while the percentage of spam in the Digest over the years is ridiculously tiny, even one is too many for my taste, and over the last year there have been three. And I’m angry. Not at myself, although there is always a sense of personal failure when spam gets there, but mostly at the spammers who make me spend so bloody much of my time dealing with their crap…it’s turning into a full-time job, and taking up way too much of my time.

For those of you who don’t understand how spam gets to you, let me give you a quick overview. (Feel free to scroll down through some of the log entries I’m placing here…they’re gonna be long.) Spammers are thieves, it’s as simple as that. They use various means, mostly trojan programs installed on your computer without your knowledge, to steal your resources. Your machine becomes part of a “botnet” of hundreds or thousands of machines, each sending spam. Where at one time cracking your computer was done by “crackers” (I’ll explain the difference between a “hacker” and a “cracker” on another day) for the heck of it, it’s now done for a real profit motive, sometimes by criminal organizations.

Anyway, once your machine is part of one of these botnets, it will send spam for as long as it’s connected to the Net, almost always without the user’s knowledge. The software that’s installed includes a mini-mail server, so it comes directly from your machine to the target email server (for the Digest, that’s my server). So what can I do about something like this?

The first thing I want to do is stop accepting email from places I know aren’t legitimate email servers…I mean, normally, you use your provider’s server to talk to mine, so if I start getting connection attempts from an IP assigned to, say, a cable or aDSL modem, I want to ignore it. And that works for a whole lot of spam…the first thing I use is a “real-time blackhole” list (called RBLs) that holds dynamically-allocated IPs. But I’ve found it to be lacking a whole lot, which I have slowly been adding to an internal database; let me show you the dynamic IP addresses on that internal list, not counting the many blocked by the RBLs, from which my server ignored email in one twenty-four hour period:

Total Dynamic IPs Blocked in access.db: 281
                                Detail:
    084202149085.customer.alfanett.no: 1 Times(s)
    12-201-84-100.client.mchsi.com: 1 Times(s)
    12-214-60-140.client.mchsi.com: 1 Times(s)
    12-218-135-235.client.mchsi.com: 1 Times(s)
    12-218-215-92.client.mchsi.com: 1 Times(s)
    140-228.187-72.tampabay.res.rr.com: 1 Times(s)
    146.65.118.70.cfl.res.rr.com: 1 Times(s)
    199.225.204.68.cfl.res.rr.com: 1 Times(s)
    207-225-188-125.phnx.qwest.net: 1 Times(s)
    24-151-169-129.dhcp.kgpt.tn.charter.com: 1 Times(s)
    24-177-5-190.dhcp.nwtn.ct.charter.com: 1 Times(s)
    24-181-92-125.dhcp.dctr.al.charter.com: 1 Times(s)
    24-207-167-19.dhcp.stls.mo.charter.com: 1 Times(s)
    24-207-177-144.dhcp.stls.mo.charter.com: 1 Times(s)
    24-217-72-178.dhcp.stls.mo.charter.com: 1 Times(s)
    24-241-4-153.dhcp.buft.sc.charter.com: 1 Times(s)
    64.203.217.114.dyn-cm-pool-26.pool.hargray.net: 1 Times(s)
    65-100-26-157.albq.qwest.net: 1 Times(s)
    66-168-113-226.dhcp.oxfr.ma.charter.com: 1 Times(s)
    66-169-8-187.dhcp.spbg.sc.charter.com: 1 Times(s)
    66-215-41-61.dhcp.hspr.ca.charter.com: 1 Times(s)
    66-249-58-184.adsl.gulftel.net: 1 Times(s)
    68-116-214-130.dhcp.thbd.la.charter.com: 2 Times(s)
    68-184-172-141.dhcp.kgpt.tn.charter.com: 1 Times(s)
    68-184-70-88.dhcp.mtgm.al.charter.com: 1 Times(s)
    68-185-138-121.dhcp.jcsn.tn.charter.com: 2 Times(s)
    68-186-74-114.bbone.knwk.wa.charter.com: 1 Times(s)
    68-187-198-153.dhcp.ahvl.nc.charter.com: 1 Times(s)
    68-189-17-149.dhcp.rdng.ca.charter.com: 1 Times(s)
    68-251-214-132.ded.ameritech.net: 1 Times(s)
    69-11-20-53.regn.hsdb.sasknet.sk.ca: 1 Times(s)
    69-11-88-131.sktn.hsdb.sasknet.sk.ca: 1 Times(s)
    70-245-83-50.ded.swbell.net: 8 Times(s)
    71-11-170-21.dhcp.sprn.tx.charter.com: 2 Times(s)
    71-15-105-214.dhcp.ftwo.tx.charter.com: 1 Times(s)
    71-17-150-146.regn.hsdb.sasknet.sk.ca: 1 Times(s)
    71-223-1-228.phnx.qwest.net: 1 Times(s)
    71-8-51-220.dhcp.leds.al.charter.com: 1 Times(s)
    71-80-191-154.static.lsan.ca.charter.com: 1 Times(s)
    71-83-223-51.dhcp.whtr.ca.charter.com: 1 Times(s)
    71-85-241-219.dhcp.stls.mo.charter.com: 1 Times(s)
    71-9-77-203.static.hspr.ca.charter.com: 1 Times(s)
    71-92-213-208.static.mtpk.ca.charter.com: 1 Times(s)
    71-92-219-253.static.mtpk.ca.charter.com: 1 Times(s)
    71-93-220-82.dhcp.gldl.ca.charter.com: 1 Times(s)
    74-36-254-178.br1.nwr.wi.frontiernet.net: 1 Times(s)
    76-246.35-65.tampabay.res.rr.com: 1 Times(s)
    80-193-11-225.cable.ubr04.gill.blueyonder.co.uk: 1 Times(s)
    80-195-17-48.cable.ubr02.dudl.blueyonder.co.uk: 1 Times(s)
    80-41-219-167.dynamic.dsl.as9105.com: 1 Times(s)
    82-37-202-53.cable.ubr05.dudl.blueyonder.co.uk: 1 Times(s)
    82-41-221-212.cable.ubr13.edin.blueyonder.co.uk: 1 Times(s)
    84.94.170.75.cable.012.net.il: 1 Times(s)
    84.94.7.106.cable.012.net.il: 1 Times(s)
    85-124-26-78.dynamic.xdsl-line.inode.at: 1 Times(s)
    88-105-80-27.dynamic.dsl.as9105.com: 1 Times(s)
    88-108-86-36.dynamic.dsl.as9105.com: 1 Times(s)
    88-110-41-137.dynamic.dsl.as9105.com: 1 Times(s)
    88-111-169-91.dynamic.dsl.as9105.com: 1 Times(s)
    89-138-106-151.bb.netvision.net.il: 1 Times(s)
    89-138-140-83.bb.netvision.net.il: 2 Times(s)
    89-138-161-168.bb.netvision.net.il: 1 Times(s)
    89-139-117-45.bb.netvision.net.il: 1 Times(s)
    89-139-198-139.bb.netvision.net.il: 1 Times(s)
    CPE-24-163-153-133.kc.res.rr.com: 1 Times(s)
    CPE-65-31-237-236.neb.res.rr.com: 1 Times(s)
    CPE-72-128-46-105.kc.res.rr.com: 1 Times(s)
    CPE-72-131-46-109.wi.res.rr.com: 1 Times(s)
    IGLD-83-130-18-175.inter.net.il: 1 Times(s)
    M3644P027.adsl.highway.telekom.at: 1 Times(s)
    S0106000795ff2ea4.vc.shawcable.net: 1 Times(s)
    S0106000ea6a66e9b.vc.shawcable.net: 1 Times(s)
    S01060020ed407658.vc.shawcable.net: 1 Times(s)
    S010600d009ea1b31.ed.shawcable.net: 1 Times(s)
    S010600e029833254.vf.shawcable.net: 1 Times(s)
    VDSL-130-13-236-57.PHNX.QWEST.NET: 2 Times(s)
    adsl-070-155-057-253.sip.bct.bellsouth.net: 1 Times(s)
    adsl-072-151-168-049.sip.mob.bellsouth.net: 1 Times(s)
    adsl-074-244-011-062.sip.asm.bellsouth.net: 2 Times(s)
    adsl-149-48-30.mia.bellsouth.net: 1 Times(s)
    adsl-152-64-126.asm.bellsouth.net: 1 Times(s)
    adsl-63-199-255-246.dsl.sndg02.pacbell.net: 1 Times(s)
    adsl-69-106-172-212.dsl.lsan03.pacbell.net: 1 Times(s)
    adsl-70-251-50-166.dsl.okcyok.swbell.net: 1 Times(s)
    bzq-84-108-211-80.cablep.bezeqint.net: 1 Times(s)
    bzq-84-110-246-88.red.bezeqint.net: 1 Times(s)
    bzq-88-152-190-161.red.bezeqint.net: 1 Times(s)
    bzq-88-153-147-136.red.bezeqint.net: 1 Times(s)
    bzq-88-153-2-44.red.bezeqint.net: 1 Times(s)
    bzq-88-153-216-231.red.bezeqint.net: 1 Times(s)
    bzq-88-154-161-125.red.bezeqint.net: 1 Times(s)
    bzq-88-154-24-186.red.bezeqint.net: 1 Times(s)
    bzq-88-155-0-240.red.bezeqint.net: 1 Times(s)
    bzq-88-155-118-36.red.bezeqint.net: 1 Times(s)
    bzq-88-155-198-137.red.bezeqint.net: 1 Times(s)
    bzq-88-155-54-199.red.bezeqint.net: 1 Times(s)
    c-24-129-36-35.hsd1.fl.comcast.net: 1 Times(s)
    c-24-16-60-86.hsd1.wa.comcast.net: 1 Times(s)
    c-24-6-33-223.hsd1.ca.comcast.net: 1 Times(s)
    c-24-6-97-100.hsd1.ca.comcast.net: 1 Times(s)
    c-24-7-165-90.hsd1.ca.comcast.net: 1 Times(s)
    c-24-99-108-191.hsd1.ga.comcast.net: 1 Times(s)
    c-66-176-188-47.hsd1.fl.comcast.net: 1 Times(s)
    c-66-177-83-78.hsd1.fl.comcast.net: 1 Times(s)
    c-67-170-21-247.hsd1.wa.comcast.net: 1 Times(s)
    c-67-175-36-155.hsd1.il.comcast.net: 1 Times(s)
    c-67-191-109-138.hsd1.fl.comcast.net: 1 Times(s)
    c-68-43-148-61.hsd1.mi.comcast.net: 1 Times(s)
    c-68-46-5-171.hsd1.de.comcast.net: 1 Times(s)
    c-68-57-213-151.hsd1.in.comcast.net: 1 Times(s)
    c-69-139-159-94.hsd1.md.comcast.net: 1 Times(s)
    c-69-249-82-240.hsd1.nj.comcast.net: 1 Times(s)
    c-71-196-4-74.hsd1.fl.comcast.net: 1 Times(s)
    c-71-196-45-156.hsd1.fl.comcast.net: 1 Times(s)
    c-71-197-146-202.hsd1.or.comcast.net: 1 Times(s)
    c-71-203-24-55.hsd1.fl.comcast.net: 1 Times(s)
    c-71-204-35-129.hsd1.ga.comcast.net: 2 Times(s)
    c-71-206-121-58.hsd1.mi.comcast.net: 1 Times(s)
    c-71-207-228-222.hsd1.al.comcast.net: 1 Times(s)
    c-71-225-174-134.hsd1.pa.comcast.net: 1 Times(s)
    c-71-225-18-172.hsd1.pa.comcast.net: 2 Times(s)
    c-71-225-99-128.hsd1.pa.comcast.net: 1 Times(s)
    c-71-233-61-218.hsd1.ma.comcast.net: 1 Times(s)
    c-75-74-19-236.hsd1.fl.comcast.net: 1 Times(s)
    c-76-17-174-63.hsd1.mn.comcast.net: 1 Times(s)
    camarillo-cuda1h-56.ventca.adelphia.net: 1 Times(s)
    cpc1-oldh3-0-0-cust1007.manc.cable.ntl.com: 1 Times(s)
    cpc1-oxfd5-0-0-cust550.oxfd.cable.ntl.com: 1 Times(s)
    cpe-024-074-244-022.carolina.res.rr.com: 1 Times(s)
    cpe-024-088-255-248.nc.res.rr.com: 1 Times(s)
    cpe-065-190-242-197.triad.res.rr.com: 1 Times(s)
    cpe-066-056-154-005.triad.res.rr.com: 1 Times(s)
    cpe-071-070-083-074.sc.res.rr.com: 1 Times(s)
    cpe-071-071-202-158.carolina.res.rr.com: 2 Times(s)
    cpe-075-177-178-053.nc.res.rr.com: 1 Times(s)
    cpe-076-182-102-086.nc.res.rr.com: 1 Times(s)
    cpe-076-182-119-254.triad.res.rr.com: 1 Times(s)
    cpe-24-160-126-88.houston.res.rr.com: 1 Times(s)
    cpe-24-161-68-112.hvc.res.rr.com: 1 Times(s)
    cpe-24-164-74-82.woh.res.rr.com: 1 Times(s)
    cpe-24-164-86-250.woh.res.rr.com: 1 Times(s)
    cpe-24-165-170-190.midsouth.res.rr.com: 1 Times(s)
    cpe-24-175-254-194.gt.res.rr.com: 1 Times(s)
    cpe-24-193-190-216.nyc.res.rr.com: 1 Times(s)
    cpe-24-195-108-41.nycap.res.rr.com: 1 Times(s)
    cpe-24-195-173-30.nycap.res.rr.com: 1 Times(s)
    cpe-24-24-113-15.midsouth.res.rr.com: 1 Times(s)
    cpe-24-27-71-151.houston.res.rr.com: 1 Times(s)
    cpe-24-29-146-1.nyc.res.rr.com: 1 Times(s)
    cpe-24-33-134-93.woh.res.rr.com: 1 Times(s)
    cpe-24-33-72-91.cinci.res.rr.com: 1 Times(s)
    cpe-24-58-200-173.twcny.res.rr.com: 1 Times(s)
    cpe-24-58-21-22.twcny.res.rr.com: 1 Times(s)
    cpe-24-59-106-103.twcny.res.rr.com: 1 Times(s)
    cpe-24-93-118-178.columbus.res.rr.com: 1 Times(s)
    cpe-65-24-41-175.columbus.res.rr.com: 1 Times(s)
    cpe-66-24-113-19.stny.res.rr.com: 1 Times(s)
    cpe-66-61-73-77.midsouth.res.rr.com: 1 Times(s)
    cpe-66-61-77-90.midsouth.res.rr.com: 1 Times(s)
    cpe-66-65-189-16.nyc.res.rr.com: 1 Times(s)
    cpe-66-68-241-141.rgv.res.rr.com: 1 Times(s)
    cpe-66-74-155-194.socal.res.rr.com: 1 Times(s)
    cpe-69-201-139-103.nyc.res.rr.com: 1 Times(s)
    cpe-69-205-177-180.stny.res.rr.com: 1 Times(s)
    cpe-69-205-198-134.stny.res.rr.com: 2 Times(s)
    cpe-69-206-236-209.nyc.res.rr.com: 1 Times(s)
    cpe-70-116-91-176.houston.res.rr.com: 1 Times(s)
    cpe-70-120-182-67.houston.res.rr.com: 1 Times(s)
    cpe-71-64-156-20.woh.res.rr.com: 1 Times(s)
    cpe-71-67-186-74.midsouth.res.rr.com: 1 Times(s)
    cpe-72-177-111-128.austin.res.rr.com: 1 Times(s)
    cpe-72-179-17-244.austin.res.rr.com: 1 Times(s)
    cpe-72-181-211-246.houston.res.rr.com: 2 Times(s)
    cpe-72-181-224-160.houston.res.rr.com: 1 Times(s)
    cpe-72-225-151-151.nj.res.rr.com: 1 Times(s)
    cpe-72-226-64-190.nycap.res.rr.com: 1 Times(s)
    cpe-74-72-157-156.nyc.res.rr.com: 1 Times(s)
    cpe-75-80-93-208.bak.res.rr.com: 1 Times(s)
    cpe-76-169-144-27.socal.res.rr.com: 1 Times(s)
    cpe-76-169-222-145.socal.res.rr.com: 1 Times(s)
    cpe-76-181-115-24.columbus.res.rr.com: 1 Times(s)
    cpe-76-185-231-40.tx.res.rr.com: 1 Times(s)
    cpe-76-187-147-8.tx.res.rr.com: 2 Times(s)
    cpe-76-188-188-215.neo.res.rr.com: 2 Times(s)
    cpe-76-188-45-217.neo.res.rr.com: 1 Times(s)
    d36-66-235.home1.cgocable.net: 1 Times(s)
    d39-172-95.home1.cgocable.net: 1 Times(s)
    d8-149.rb.jax.centurytel.net: 1 Times(s)
    d83-184-101-237.cust.tele2.it: 1 Times(s)
    dslb-082-083-001-030.pools.arcor-ip.net: 1 Times(s)
    dslb-082-083-026-031.pools.arcor-ip.net: 1 Times(s)
    dslb-084-057-065-055.pools.arcor-ip.net: 1 Times(s)
    dslb-084-060-049-111.pools.arcor-ip.net: 2 Times(s)
    dslb-084-060-254-233.pools.arcor-ip.net: 1 Times(s)
    dslb-084-061-009-048.pools.arcor-ip.net: 1 Times(s)
    dslb-084-061-134-238.pools.arcor-ip.net: 1 Times(s)
    dslb-084-063-006-191.pools.arcor-ip.net: 1 Times(s)
    dslb-088-065-172-040.pools.arcor-ip.net: 1 Times(s)
    fl-71-53-132-69.dhcp.embarqhsd.net: 1 Times(s)
    fl-76-2-101-19.dhcp.embarqhsd.net: 1 Times(s)
    h-68-167-159-12.lsanca54.covad.net: 1 Times(s)
    h136n1c1o1035.bredband.skanova.com: 1 Times(s)
    h159.190.30.69.ip.alltel.net: 1 Times(s)
    h179.104.40.69.ip.alltel.net: 1 Times(s)
    h188.169.140.67.ip.alltel.net: 1 Times(s)
    h193.153.29.71.ip.alltel.net: 1 Times(s)
    h210.26.29.71.ip.alltel.net: 1 Times(s)
    host-84-9-51-153.bulldogdsl.com: 1 Times(s)
    hrrsnbrg-bluewave1-69-161-7-224.chvlva.adelphia.net: 1 Times(s)
    ip51cf2578.direct-adsl.nl: 1 Times(s)
    ip5457168e.direct-adsl.nl: 1 Times(s)
    ip56587624.direct-adsl.nl: 1 Times(s)
    ip565c3914.direct-adsl.nl: 1 Times(s)
    ip66-105-168-156.z168-105-66.customer.algx.net: 3 Times(s)
    nc-76-0-190-118.dhcp.embarqhsd.net: 1 Times(s)
    nitzan.inter.net.il: 1 Times(s)
    pool-68-162-30-253.nwrk.east.verizon.net: 1 Times(s)
    pool-68-237-125-5.ny325.east.verizon.net: 1 Times(s)
    pool-70-110-183-104.phil.east.verizon.net: 1 Times(s)
    pool-70-17-224-49.balt.east.verizon.net: 1 Times(s)
    pool-70-17-245-88.balt.east.verizon.net: 1 Times(s)
    pool-70-18-40-10.ny325.east.verizon.net: 1 Times(s)
    pool-70-23-166-94.ny325.east.verizon.net: 1 Times(s)
    pool-71-100-1-198.tampfl.dsl-w.verizon.net: 2 Times(s)
    pool-71-105-138-130.lsanca.dsl-w.verizon.net: 1 Times(s)
    pool-71-110-14-127.lsanca.dsl-w.verizon.net: 1 Times(s)
    pool-71-110-192-168.lsanca.dsl-w.verizon.net: 1 Times(s)
    pool-71-111-122-18.ptldor.dsl-w.verizon.net: 1 Times(s)
    pool-71-112-165-70.sttlwa.dsl-w.verizon.net: 1 Times(s)
    pool-71-124-202-147.bstnma.east.verizon.net: 1 Times(s)
    pool-71-163-144-67.washdc.fios.verizon.net: 1 Times(s)
    pool-71-163-198-57.washdc.east.verizon.net: 1 Times(s)
    pool-71-163-40-73.washdc.fios.verizon.net: 1 Times(s)
    pool-71-247-169-207.nycmny.east.verizon.net: 1 Times(s)
    pool-71-247-44-74.nycmny.east.verizon.net: 1 Times(s)
    pool-71-249-32-115.nycmny.east.verizon.net: 1 Times(s)
    pool-71-250-108-209.nwrknj.east.verizon.net: 1 Times(s)
    pool-71-255-239-81.washdc.east.verizon.net: 1 Times(s)
    pool-72-66-68-208.washdc.fios.verizon.net: 1 Times(s)
    pool-72-68-184-27.nycmny.east.verizon.net: 2 Times(s)
    pool-72-69-85-31.chi01.dsl-w.verizon.net: 2 Times(s)
    pool-72-76-161-144.nwrknj.east.verizon.net: 1 Times(s)
    pool-72-92-94-200.phlapa.east.verizon.net: 1 Times(s)
    pool-72-94-88-37.phlapa.east.verizon.net: 1 Times(s)
    r190-64-10-154.dialup.adsl.anteldata.net.uy: 1 Times(s)
    rrcs-24-123-254-216.central.biz.rr.com: 1 Times(s)
    rrcs-24-97-15-66.nys.biz.rr.com: 2 Times(s)
    rrcs-70-60-183-230.central.biz.rr.com: 1 Times(s)
    static-72-87-159-146.lsanca.dsl-w.verizon.net: 3 Times(s)
    user-0c2h14p.cable.mindspring.com: 1 Times(s)
    user-387case.cable.mindspring.com: 1 Times(s)
    wsip-68-15-140-55.hr.hr.cox.net: 1 Times(s)

If you see your IP or hostname up there, your machine is infected. (If you don’t, it might be, anyway - more on what to do about that in a minute.) For those interested in some totals for a few (not all, to avoid the “bad guys” knowing what I use) of the various RBLs I use on the server for the same twenty-four hour period:

Relay attempts from known spammers:
    : 173 Times(s)

BlackHole Totals:
    cbl.abuseat.org: 229 Times(s)
    countries.nerd.dk: 166 Times(s)
    www.dnsbl.au.sorbs.net: 303 Times(s)

The “Relay attempts from known spammers” line is the number of rejections from domain names and IP addresses I know to send spam, even if they come through a “legitimate” email server which I have added to yet-another-internal database the server consults to see if it’s allowed to complete the SMTP transaction with the foreign machine. An example might be anyfreight.com, media-uplink.com, or canwestmediagroup.com - any outfit that has sent any kind of opt-OUT email makes it on this list (so-called “legitimate” companies, as an example uniden.com, sometimes send opt-OUT marketing messages, too, and they get added to the list just like any other scammer - permission-based marketing means opt-IN, not opt-OUT).

With these tallies alone, we’re averaging almost 1,000 spam emails blocked in one twenty-four hour period (last Saturday into Sunday, in fact)…close to 41 every hour, uncomfortably close to one every minute of the d*mned day.

But there are other blockers at work on the server, too…some I frankly don’t want to discuss with you, gentle reader, since the “bad guys” are able to read this too, which almost doubles that total. And I will tell you I have taken steps to firewall off (prevent from connecting) massive amounts of some foreign countries, like China, Russia, Estonia, etc., etc. Doesn’t seem right, I know, but I receive a tremendous amount of spam from those areas of the world, and there are precious few people there I want talking to my email server. Truth is, for the firewalled IP blocks, they can’t even see this website let alone email me…any incoming packets from those netblocks are dropped to the floor instead of answered.

Now consider the web-based forums, which are hit with fifteen or twenty attempts to register usernames for spamming purposes every day which need to be manually checked and deleted. And this blog, with receives two or three attempted registrations every day which need to be checked and deleted. And the web-based contact form on the sidebar over there, which receives…ok, that only gets maybe one a week tops, but that’s only because I made it so d*mned difficult to use, people who have a legitimate reason to contact me have trouble using the thing.

And so there’s no misunderstanding, I’m just a tiny little guy on the Net. Can you imagine what companies like Comcast, Verizon, and others have to deal with every bloody day?

(I won’t even get into the number of robot-controlled crack attempts the server gets on a daily basis. These guys aren’t even satisfied with installing an IRC bot on the machine to steal my bandwidth, these guys want to root the box, lock me out, and use it not only to send spam at top speed but to infect other computers on the Net with their garbage! I review those logs, too, and complain to the upstreams, but again in most cases the machines are part of a botnet, so the machine attacking me is as much of a victim as I am.)

Ok, so we see the spam problem is way out of control, and there doesn’t seem to be any letup in sight. The server will simply get hammered harder over time, with the bad guys escalating their attacks. What can we do?

Not much.

A good start would be everyone in the world who uses Windows software running an up-to-date set of anti-virus and anti-adware applications (collectively known as “anti-malware”). If you don’t routinely check your machine for problems, you are possibly the problem. Here’s a short-list of reputable applications, by far not extensive nor should you assume this constitutes a recommendation, but again, these are a great place to start:

AVG Anti-Virus Free - Freeware (for personal use; business and charity use requires a license) anti-virus software. Good stuff, IMHO, yet free. Well worth the install even if you have to pay for it.

AVG Anti-Spyware Free - While we’re here, the application formerly known as ewido, another strong entry from AVG, although this is a little trickier; while the “personal version” is free, the installer applies the commercial version for a few weeks, and consistently duns you about buying the thing. I’ve had mixed results with this one; worth keeping in your arsenal, but not my top pick by any means.

SuperAntiSpyware - this one has removed things for me none of the others have…it’s downside is it takes forever to scan my drives.

Spyware Terminator - This one is the only anti-spyware app I know of that has free real-time protection, like the commercial ones. It doesn’t catch everything, but a worthy weapon.

Spybot Search and Destroy - A must-have; one of the first freeware anti-spyware apps, and still maintained to be one of the best. Install it and scan your machine at least once a week.

Ad-Aware SE Personal - This one is also a golden oldie, although it won’t run at all on one of my machines (it gets about a quarter of the way through the scan and locks my machine up tight) it’s still recommended by almost everyone out there to help get rid of the malware.

The painful truth is, no one application will catch everything. Install a few of the above, or others available on the Net (please research anything you decide on first, though…some malware writers are actually hiding their garbage inside alleged “anti-spyware” applications), and scan routinely. It won’t stop the other 399,999 computers, but at least the scum won’t be able to steal the resources you’re paying for.

TrackBack URI    RSS feed for comments on this post.   Post ID: 896

Leave a Reply

You must be logged in to post a comment (if not already registered, it only takes a moment - this is unfortunately necessary thanks to the slime who send blog comment spam advertising their illegal scams...).