Wazoo

Forum Admin
  • Content count

    13,222
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Wazoo

  • Rank
    What Life?

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Location
    Iowa

Recent Profile Visitors

2,178 profile views
  1. So much stuff is in the configuration settings, most of which have not been changed/updated. Only now got to a place where I could check in to see why I was getting all the failure messages from Google about all the dead URLs and systems. And .. only now do I find out what the cause was. Do I guess that stuff other than this "new" install of this IPB Board didn't make the move? Based on the messgae traffic and the unchanged settings seen here, I've got to gues that a lot of stuff is gone or broken. Off to poke around and see what else has happened. A bit later .... ouch. all those years of code manipulation, all gone. Noted that htere is yet one more update to the board software that hasn't been applied. Dropped a PM to RW to ask for some guidance.
  2. What types of connections have you tried in the "away" mode| For example, I seem to recall having issues with WEP when trying to use the pass phrase, but worked fine when I used the hex string. What firewall might you be using, thinking of a setting for "trusted" networks being involved??? For example, I've been forced to notice that some of the defaul settings are different between manufacturers (and even different model numbers from the same vendor) some using 192.168.0.x, other using 192.168.1.x.
  3. Sent a note upstream, asking for something more direct. This would probably fall under the need for an 'engineering request' even further upstream, so even if agreed to, it might take some time to implement.
  4. http://www.spamcop.net/sc?track=223.130.209.13 Parsing input: 223.130.209.13 Display data: "whois 223.130.209.13[at]whois.arin.net" (Getting contact from whois.arin.net ) Redirect to apnic: "whois 223.130.209.13[at]whois.apnic.net" (Getting contact from whois.apnic.net mirror) Display data: whois.apnic.net redirects to krnic Display data: "whois 223.130.209.13[at]whois.krnic.net" (Getting contact from whois.krnic.net) - not found No reporting addresses found for 223.130.209.13, using devnull for tracking. http://www.spamcop.net/sc?action=showcmd;c...whois.krnic.net [ Network Information ] IPv4 Address : 223.130.128.0 - 223.130.255.255 (/17) Service Name : JNDINFO Organization Name : JND Communication Organization ID : ORG828317 Address : 1056-11 5F JNDINFO.CO, Gyeonggi-do Gwonseon-dong Zip Code : 441-390 Registration Date : 20100729 [ Admin Contact Information ] Name : jang hyun wook Phone : +82-31-226-9399 E-Mail : comnetjw[at]hanmir.com [ Tech Contact Information ] Name : jung boung woo Phone : +82-31-226-9399 E-Mail : comnetjw[at]hanmir.com [ Network Abuse Contact Information ] Name : kim young-sook Phone : +82-31-221-7722 E-Mail : young55[at]naver.com
  5. and yet again, still, on and on .... 'spam king' Wallace indicted for Facebook spam Wallace, 43, was indicted in July by a San Jose, Calif., grand jury on three counts of intentional damage to a protected computer and two counts of criminal contempt, according to the U.S. Attorney's Office in the Northern District of California. Wallace allegedly compromised approximately 500,000 Facebook accounts during three separate attacks on the social-networking giant between November 2008 and March 2009. .... Wallace, who was ordered by U.S. District Court Judge Jeremy Fogel in 2009 not to access Facebook, was also charged with violating that order by accessing the social network on an airline flight from Las Vegas to New York in April 2009 and by maintaining an account under the name David Sinful-Saturdays Fredericks for a few weeks earlier this year. ....
  6. Coming in a bit late, maybe you've already got it sorted ... but, the first jump to me (making the assumption that Windows is involved) would be the 'computer/hardware profile' .... the 'undocked' mode disabling the hardware ethernet interface, or possibly simply not recognizing it at all in that mode. Moved the Topic, as per your request.
  7. Is this customer doing DNS-lookups for something other than handling incoming e-mail? The SpamCopDNSBL is "very" dynamic .. nothing like other BLs.
  8. SpamCop Staff Mail-Host Configuration of your Reporting Account
  9. I know you said that the server was hacked, but ,,,, the 'adding a few lines to all the .js files' seems extremely out of the ordinary. More typical is the action of adding in something like an iframe bit to effect this sort of cross-site-scripting. The quick-check would be something simple like the file-dates of the web-page creation files .... the typical hack of this sort would leave an .html or .php file with the most recent date showing. But, yes, it would depend on the craftiness of the hacker. lthough my immediate reaction would be to get the bad code off-line and replaced with a copy of the 'backed-up good' version, the question of analysis is still valid, I suppose. Again, my first reaction .... hit it with the FireFox add-on tool "firebug" which would allow one to pretty much see the page make-up. You didn't say whether you had anything above user-level access to this server, but even then, the majority of the codebase structure should be available. Of course, the killer question is whether the hack vector has been discovered and closed. The entrance may not have actually been a server-hack, it may boil down to an exploitable application running on the web-server, the more typical problem of something allowed to get into the SQL database that then gets included on the displayed pages that is allowed to progress on exploitable (or trusting) web-bowers.
  10. At the top of this page, check the dropdown menu offered under the link FAQs & Words .... The Glossary hasn't been touched in quite a while as we've tried to move it all over into the Wiki. Please see Why are there so many different account names/passwords needed? SpamCop Reporting Accounts OK, you had a SpamCop e-mail account. It would follow that you have things set-up to log into either webmail.spamcop.net or mailsc.spamcp.net ..... both would be trying to use the credentials of this "paid" account, and trying to connect to the CESMail servers. Pointing your web-browser to www.spamcop.net should allow you to then login using the your non-SpamCop.net e-mail account data (or Register using that address??) as this would use the Cisco/IronPort/SpamCop servers for the Parsing & Reporting System. Can't thiink of that many instances where the MailWasher "Bounce" feature has been mentioned without the pretty much automatic answer being provided. Do NOT use it!! It is a wonder that they still include that function, as it will only serve to get "you" into trouble.
  11. Not sure. The "added headers" needs some kind of definition. At this time, I'm of the thought that OE6 Secure handling of e-mail, Why Forward won't work might be worth a look, even with the assumption that OE6 isn't the e-mail client in question. There is a whole section on "how to ..."" stuff in the single-page-access-expanded version of the SpamCop FAQ and the SpamCop Wiki both found via links at the top of this page.
  12. Moved out of the E-mail System & Accounts Forum section and placed into the Announcements Forum section with this Post, Yeah, I know .. I'm not supposed to do this, but ...???? A Parsing & Reporting System outage tossed into the E-mail System section doesn't seem right.
  13. Please re-read the 'error' message. There is quite a pile of servers involved in the handling of your incoming. Sending e-mails this huge is simply problenatic, as stated in so many places. For example, a general defaullt of a PHP install these days is a file-size limit of 4-Meg (up from 1-Meg just a few years back) .... It is possible that the actual issue was that a huge (e-mail with an attached) file was received, and during the processing/handling, it hit a server that hasn't had a manual configuration change to bump up some of the defailt limits. So there would have been a "file write" error when trying to save the incoming.