Comment spam server lookup
I found a page with a list of servers from Norway caught comment spamming lately:
Norway’s comment spamming servers at Project Honeypot
I found it while searching for the IP of one server I knew was Norwegian. I contacted the owner (a webhost). He told me he knew about it, and it had been an open proxy server that had been used by spammers all over the world. He also told me he’d fixed it a couple of days ago. Problem is, the last entry in my logs from that server was today! Well, hopefully he’ll fix it.
I also tried contacting another company that’s not a webhost. My e-mail bounced.
It looks to me like there are a lot of compromised servers out there. Compromised in various fashions - from a glitch in configuration, to dishonest customers, to insecure scripts.
Those of us who are responsible for servers need to keep an eye on bandwidth usage as well as logs, and also keep an eye on Project Honeypot and similar services.
February 22nd, 2008 at 7:20 pm
I came across your site today after I started investigating who was link spamming me. I’ve been noticing a lot of the attacking sites weren’t PC’s, but Linux webservers running Apache or Tomcat. I thought briefly about doing the same thing, posting a list of all the hosts attacking me, but I didn’t bother. I’ve still got them, maybe they’ll go up later on if this keeps up.