Thread: abuse@optonline
View Single Post
  #13   Report Post  
Old February 21st 05, 04:15 PM posted to uk.sci.weather
Keith Dancey Keith Dancey is offline
external usenet poster
  
First recorded activity by Weather-Banter: Jul 2003
Posts: 318
Default abuse@optonline
In article , "Philip Eden" philipATweatherHYPHENukDOTcom writes:

"Anne Burgess" wrote in message
...
It is now 14.25 GMT on Monday 21 February 2005.

Within the last two hours someone has just sent something like 5000
similar
spam messages to the Usenet newsgroup ul.sci.weather.

I have looked at some of the headers, and all those I have looked at
purport
to come from 24.186.189.211, which I gather is one of your IP numbers.

Would you care to investigate, please?



Who was this addressed to, Anne? Original article not available on my
server (yet). Number of spammed articles now over 10,000.


Anyone swamped by this may try:

Killfile on Header and string set to " for example.



Either zen have successfully bunged in a filter, or he/she
has stopped to watch 'Murder She Wrote'.



Lucky Philip!



Originating IP address of denial-of-service attack on u.s.w is 24.186.189.211

This is, on the face of it, a Cablevision Systems proxy server, which agrees
with the Abuse address "


----------------------------ARIN search-----------------------------


ARIN provides the following:



Search results for: 24.186.189.211

Optimum Online (Cablevision Systems) OOL-2BLK (NET-24-184-0-0-1)
24.184.0.0 - 24.187.255.255
Optimum Online (Cablevision Systems) OOL-6AHNTNNY3-0821 (NET-24-186-184-0-1)
24.186.184.0 - 24.186.191.255

# ARIN WHOIS database, last updated 2005-02-20 19:10




Search results for: ! NET-24-186-184-0-1


CustName: Optimum Online (Cablevision Systems)
Address: 111 New South Road
City: Hicksville
StateProv: NY
PostalCode: 11801
Country: US
RegDate: 2004-01-14
Updated: 2004-01-14

NetRange: 24.186.184.0 - 24.186.191.255
CIDR: 24.186.184.0/21
NetName: OOL-6AHNTNNY3-0821
NetHandle: NET-24-186-184-0-1
Parent: NET-24-184-0-0-1
NetType: Reassigned
Comment:
RegDate: 2004-01-14
Updated: 2004-01-14

TechHandle: OH4-ORG-ARIN
TechName: OOL Hostmaster
TechPhone: +1-516-803-3000
TechEmail:

OrgAbuseHandle: OOLAB-ARIN
OrgAbuseName: OOL Hostmaster
OrgAbusePhone: +1-516-803-2400
OrgAbuseEmail:

OrgTechHandle: OH4-ORG-ARIN
OrgTechName: OOL Hostmaster
OrgTechPhone: +1-516-803-3000
OrgTechEmail:

# ARIN WHOIS database, last updated 2005-02-20 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.



Name: OOL Hostmaster
Handle: OH4-ORG-ARIN
Company: Optimum Online (Cablevision Systems)
Address: 111 new south RD
City: Hicksville
StateProv: NY
PostalCode: 11801
Country: US
Comment: Please send your abuse report to .
Comment: Spam complaints must include the full header and content of the
Comment: email. Email virus complaints must include the full header and
Comment: the type of virus. Hacking complaints must contain the date,
Comment: time, timezone, source IP address, destination IP address,
Comment: sending port, receiving port, type of protocol (i.e. TCP, UDP),
Comment: an indication of frequency whether by count for a time frame
Comment: or by list, and specifics of the attack if applicable. Please
Comment: send plain text only - we cannot accept attachments. All other
Comment: issues must contain full details of the problem. Please report
Comment: only recent incidents. All issues are prioritized and may not be
Comment: addressed immediately.
RegDate: 1998-09-29
Updated: 2003-06-30
Phone: +1-516-803-3000 (Office)
Email:

# ARIN WHOIS database, last updated 2005-02-20 19:10

----------------------end of ARIN search-------------------------------





If you check the Blacklisted sites, you will find this address was found
to be insecure last Friday!.



-----------------------------Blitzed search----------------------------------


From blitzed:


Open proxy lookup

Performing a lookup on the IP address 24.186.189.211.

The IP address 24.186.189.211 is an active entry in the OPM blacklist, it was confirmed as an open proxy by our scanning software at 2005-02-18 12:21:02 GMT. Please refer the administrator of the system to this page so they can take the necessary steps to secure the open proxy. Full details..

As an open proxy provides an insecure means of accessing resources through your network, we recommend this proxy should be secured as soon as possible.

Follow these steps to ensure permanent removal from the OPM blacklist:

1. Secure your proxy.
2. Remove the IP address from our blacklist.


-------------------------end Blitzed search-----------------------------------



I have emailed Cablevision, for what its worth.



Cheers,


keith



---
Iraq: 6.5 thousand million pounds, 80 UK lives, and counting...
100,000+ civilian casualties, largely of coalition bombing...


Reply With QuoteReply With Quote