24-04-07

Belgian spamharvesters and spamzombies

The Honeypotproject is a collection of honeypots that tries to receive as much bad traffic as possible and puts out the resulting IP addresses publicly.

 

Spamharvesters are pc's that crawl over the internet looking for emailadresses on webpages that aren't protected. They send those afterwards to mailservers. The spamhoneypots try to make the connection between the visit of the harvester and the resulting spam from the mailserver.

 

The Belgian emailharvesters in april were for example

1. spamharvester 81.82.51.113  Most treathening
Connected with NL IP adres mailserver 193.138.206.83 mailtotaal.com

senderbase voor mailtotaal
robtex voor mailtotaal

2. spamharvester  217.136.254.79 

ISC Systems iRc Search 2.1

Connected with mailserver 213.4.149.12   terra.es
http://www.sorbs.net/lookup.shtml?213.4.149.12

 

3. Spamharvester  81.245.251.93

American mail servers associated

 

4. Harvester 86.39.2.230 
american mail servers associated
1 Indian mail server
sends also russian spam
connected with American  harvesters

The Belgian PC's that are sending spam through other - mostly American - mailservers are for example
http://www.projecthoneypot.org/i_f07d4dc0a739593dd7b32033...
217.136.253.224 (S)   -  harvester 209.160.32.70  (US) - mailservers US
217.136.253.239 (S)   -  harvester Singapore 204.9.52.5  - mailserver US
217.136.254.41 (S)    -  harvester 209.160.64.178  (US) - mailserver US
217.136.254.166 (S)   -  harvester 84.176.176.152  (D) - mailserver US
217.136.254.203 (S)   -  harvester 208.53.147.137  (US) - mailserver US
217.136.253.161 (S)   -  harvester Singapore 204.9.52.5  - mailserver US
217.136.253.164 (S)   -  harvester 69.41.163.15  US

11:20 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

De commentaren zijn gesloten.