Permanent Links

Poll

What should be the topic for the next Impossibly Stupid poll?

A Town Square Poll Space

Tech Corner

See Also

[ICO]NameLast modifiedSizeDescription

[PARENTDIR]Parent Directory  -  
[TXT]README.html2016-03-30 13:20 7.3K 
[   ]info.json2014-12-09 01:41 40  
[   ]tags=logged2015-03-26 18:30 0  
[   ]tags=meta2015-03-26 18:30 0  

Spam Outings, Round 13

Again, we have these stark demonstrations of the difference between smart and educated:

The Montgomery Academy
3240 VAUGHN RD
MONTGOMERY, AL 36106

spammed us on Wednesday, 10 March 2010 - 10:35am and Sunday, 14 March 2010 - 7:00pm via IP 209.12.83.5

Ukrainian Academic and Research Network
1 Svientsitsky Street, Lviv
79011, Ukraine
UA

spammed us on Sunday, 14 March 2010 - 3:59pm via IP 194.44.92.0

Petersburg Public Schools
3101 Johnson Road
Petersburg, VA 23803

spammed us on Thursday, 11 March 2010 - 5:30am and Sunday, 14 March 2010 - 2:03pm via IP 208.16.20.254

Universiti Teknologi Malaysia
Computer Centre
KB 791, 80990, Johor Bahru
MY

spammed us on Saturday, 13 March 2010 - 8:38pm via IP 161.139.200.3

University of Puerto Rico
Jardin Botanico Sur. 1187
Calle Flamboyan
San Juan, Puerto Rico 00926
PR

spammed us on Saturday, 13 March 2010 - 3:17pm via IP 136.145.7.13

MIREA
Moscow State Institute for RadioEngeeniring, Electronics and automatics
Vernadskogo, 78
119454, Moscow
Russia

spammed us on Saturday, 13 March 2010 - 11:57am via IP 193.41.140.246

Universidade da Coruna
Servizo de Informatica e Comunicacions
Edificio de Servizos Centrais de Investigacion
Campus de Elvina
E - 15071 - A Coruna
SPAIN

spammed us on Saturday, 13 March 2010 - 6:59am via IP 193.147.36.221

National Academic Network and Information Center
YOK Binasi B5-Blok
06539 Bilkent
Ankara-TURKEY

spammed us on Saturday, 13 March 2010 - 4:40am via IP 193.255.91.48

Universidad Tecnica Federico Santa Maria
Av. Espana, 1680,
110-V - Valparaiso -
CL

spammed us on Wednesday, 10 March 2010 - 6:28am via IP 200.1.26.254

Ministry of Education Computer Center
Taipei Taiwan 106
Taiwan

spammed us on Tuesday, 9 March 2010 - 10:33am via IP 163.21.142.253

National Center for Supercomputing Applications
Computing Applications Building
605 E Springfield Ave
Champaign, IL 61820

spammed us on Monday, 8 March 2010 - 10:59pm via IP 141.142.225.110

And in a tangential relationship to education we have:

Berbee Information Networks Corporation
5520 Research Park Drive
Madison, WI 53711

spammed us on Wednesday, 10 March 2010 - 8:19pm and Saturday, 13 March 2010 - 10:51am via IP 64.73.68.108

That one is notable because it resolves to a demco.com server. DEMCO proclaims itself to be “Serving Library & School Professionals Since 1905”, but their site also claims “100% SECURE SHOPPING”, so I wouldn't be so sure. If a school of yours does business with DEMCO, it might be time to look into whether or not scammers are siphoning off your tax dollars.

Here's an interesting one you may recognize as related to Kilmarnock College from last time:

East Dunbartonshire Council
Lumen House
Library Avenue
Harwell Science and Innovation Campus
DIDCOT, Oxon
OX11 0SG UK

spammed us on Tuesday, 9 March 2010 - 6:40pm and Wednesday, 10 March 2010 - 1:01am via IP 195.194.111.2

Different IP block, but the same owner. Perhaps the entire JANET operation is insecure.

Another government network that can't keep you safe:

King County Gov
401 5th AV
Suite 700
Seattle, WA 98104

spammed us on Tuesday, 9 March 2010 - 12:44pm via IP 146.129.243.131

You pretty much have to assume that any information you've given them is now also in the hands of identity thieves.

This one is especially disturbing because I do business with them:

GoDaddy.com, Inc.
14455 N Hayden Road
Suite 226
Scottsdale, AZ 85260

spammed us on Wednesday, 10 March 2010 - 6:00am via IP 208.109.190.98

I know GoDaddy offers hosting services, so the insecurity might be unrelated to their own operations, but they don't differentiate their network in any way that I can tell. I mean, can you be certain the domains you have registered with them are safe when you see something generic like ip-208-109-190-98.ip.secureserver.net is spamming your blog? You can bet I'll be looking into this one further.

Another untrusted network:

ACC-IPT LLC
10 COLUMBUS BLVD
HFD, CT 06106

spammed us on Wednesday, 10 March 2010 - 2:13am via IP 12.197.30.68 and also on Tuesday, 9 March 2010 - 10:39pm and Wednesday, 10 March 2010 - 9:15pm via IP 12.197.30.71

They caught my eye moreso than usual because the first IP resolves to secure.goipt.com, and you know how much I love when insecure systems advertise how secure they are.

This one may not look like much at first glance:

NBS, INC.
2 SUN CT NW
NORCROSS, GA 30092

spammed us on Tuesday, 9 March 2010 - 7:59pm, Thursday, 11 March 2010 - 12:08am and Saturday, 13 March 2010 - 4:39am and 4:40am via IP 12.200.144.164

The interesting bit is that it resolves to a sdr4.com server. That's Strategic Data Retention to you and me, and they purport to offer all kinds of email management services, including work on legal cases. That sound you hear is attorney-client privilege evaporating thanks to insecure servers.

Here's another seemingly generic IP owner:

Shaw Communications Inc.
Suite 800
630 - 3rd Ave. SW
Calgary, AB T2P-4L4
CA

spammed us on Saturday, 13 March 2010 - 8:43am via IP 24.84.160.248

I'd normally just block it, but note that it resolves to titandynamic.com, and if you visit that site you'll see that it reports itself to be running Mac OS X Server. I bag on Windows for being insecure, and rightly so, but even a poorly administered Mac (or other Unix server) can find itself as part of a botnet.

And remember that operations management software vendor that spammed us last time? Here's another one:

Lawson Software
380 Saint Peter Street
St. Paul, MN 55102

spammed us on Wednesday, 10 March 2010 - 1:59am and Saturday, 13 March 2010 - 12:46am and 12:47am via IP 208.92.248.11

The scary part is that Lawson seems to offer management software for all manner of industries. Who know how extensive the insecurities are as a result.

Woof! With all that in just the last week (and many, many more that just got dumped into the deny table), is it any wonder why I finally took extra measures to limit the comment spamming?