Comments on: Spamblog links http://spamhuntress.com/2005/08/27/spamblog-links/ Just another WordPress weblog Sat, 17 May 2008 04:33:12 +0000 http://wordpress.org/?v=2.0.7 by: Administrator http://spamhuntress.com/2005/08/27/spamblog-links/#comment-1153 Sun, 28 Aug 2005 19:21:24 +0000 http://spamhuntress.com/2005/08/27/spamblog-links/#comment-1153 The neatest tricks are in the source code, and you need a text browser to see'em. The neatest tricks are in the source code, and you need a text browser to see’em.

]]> by: Lemat http://spamhuntress.com/2005/08/27/spamblog-links/#comment-1152 Sun, 28 Aug 2005 15:15:38 +0000 http://spamhuntress.com/2005/08/27/spamblog-links/#comment-1152 I use built-in *nix whois, www.ripe.net, arin.net, apnic.net, lacnic.net. The spamcop.net is really cool stuff to look at the mail headers. The needed info is built from scratch - sometimes I enter spammers site just to look at the source code and HTTP headers and compare with other spammer's sites - the light of inwention comes to them every half year (or not much often) so it's easy to compare the tricks they use. If you have all the evidence - for egzample 100 domain names and their IP's (much likely all in /24 netblock) - then it's time to notify search engine guys. After that find yourself a cozy place and watch their PR goes to zero. Lately I have figured, that spammers use open-proxys and therefore they can be redirected to somewhere else (using PHP header('Location: xxx'); ) - a large file or their ISP home page will be sufficient - just grep your log files and search for IP's and referrer headers, fill a database with them and search with every request made to your guestbook/wiki/stats scripts. Oh. BTW: Dear spammers, please figure out some new tricks, It's about time for me to get bored... ;) I use built-in *nix whois, www.ripe.net, arin.net, apnic.net, lacnic.net. The spamcop.net is really cool stuff to look at the mail headers. The needed info is built from scratch - sometimes I enter spammers site just to look at the source code and HTTP headers and compare with other spammer’s sites - the light of inwention comes to them every half year (or not much often) so it’s easy to compare the tricks they use.

If you have all the evidence - for egzample 100 domain names and their IP’s (much likely all in /24 netblock) - then it’s time to notify search engine guys. After that find yourself a cozy place and watch their PR goes to zero.

Lately I have figured, that spammers use open-proxys and therefore they can be redirected to somewhere else (using PHP header(’Location: xxx’); ) - a large file or their ISP home page will be sufficient - just grep your log files and search for IP’s and referrer headers, fill a database with them and search with every request made to your guestbook/wiki/stats scripts.

Oh. BTW: Dear spammers, please figure out some new tricks, It’s about time for me to get bored… ;)

]]> by: DraDomains http://spamhuntress.com/2005/08/27/spamblog-links/#comment-1150 Sun, 28 Aug 2005 11:56:40 +0000 http://spamhuntress.com/2005/08/27/spamblog-links/#comment-1150 I think I posted in the wrong (old/archive) place so I'm sorry if this is duplicated in wrong place again but I hope to get some insight/help. thanks. hi: i'm new to all this stuff, and I am not a techie -- just have a very basic understanding of this stuff (still learning) so i hope this isn't too much of a stupid newbie question, but .... what are the best tools online for de-obfuscating URLS/DNS settings, email headers, etc and ultimately finding out who really owns a website or domain name, server, site, etc? How do you get to the root of these things? I just came across this great blog by accident and I would really like to know better how to track these creeps down who run a lot of these fly-by-night sites and operations, not just the spam, but that too, so they can be reported, identified, shared with anti-spam sites, etc. I noticed that there are sites that host sites that host sites like leap-frog or hop-scotch or something. They start at one place and end at an entirely different but are linked somehow, but I don't know if I'm checking the right information or using the right tools. I would really appreciate feedback on the best tools and places to use (and where / how to understand all the terms and the tricks I'm missing). I have been using Whois.sc and DNSstuff.com to look up these jerks. Where else do I need to look and to learn? Thank you so much. Moderator: Removed the URL. Too commercial I think I posted in the wrong (old/archive) place so I’m sorry if this is duplicated in wrong place again but I hope to get some insight/help. thanks.

hi: i’m new to all this stuff, and I am not a techie — just have a very basic understanding of this stuff (still learning) so i hope this isn’t too much of a stupid newbie question, but …. what are the best tools online for de-obfuscating URLS/DNS settings, email headers, etc and ultimately finding out who really owns a website or domain name, server, site, etc? How do you get to the root of these things? I just came across this great blog by accident and I would really like to know better how to track these creeps down who run a lot of these fly-by-night sites and operations, not just the spam, but that too, so they can be reported, identified, shared with anti-spam sites, etc.

I noticed that there are sites that host sites that host sites like leap-frog or hop-scotch or something. They start at one place and end at an entirely different but are linked somehow, but I don’t know if I’m checking the right information or using the right tools. I would really appreciate feedback on the best tools and places to use (and where / how to understand all the terms and the tricks I’m missing). I have been using Whois.sc and DNSstuff.com to look up these jerks. Where else do I need to look and to learn?

Thank you so much.

Moderator: Removed the URL. Too commercial

]]>