Log in

No account? Create an account

Previous Entry | Next Entry

Some parts of the 'net need chlorine

I get a lot of Spam. I get some really obnoxious Spam. This gem was in my in-box this morning.


Date: Wed, 14 Sep 2005 16:51:42 GMT
From: vivienraymer@ad.funnel.revenuedirect.com.akadns.net
To: xxxxxxxx@xxxxx.xxxxxx.xxx
Subject: Lolitas hardcore

Taboo club open. Child Porn exclusive archive.

Softcore and hardcore.
Forbidden pics.
Very Little Children.

Take a free tour at http://seadvdcompany.com

No joke. Child Porn exists.

I do something about Spam like this. I took a peek at the site to see if it was what it claimed to be. It was. In spades. After washing my eyes and my laptop with Lavoris I did a traceroute to the server to see who owned it.


C:\users\seshipma>tracert seadvdcompany.com

Tracing route to seadvdcompany.com []
over a maximum of 30 hops:

1 2 ms 2 ms 1 ms sh_arn_eth0 []
2 10 ms 9 ms 9 ms co_bln01_fr0 []
3 11 ms 11 ms 10 ms co_bln03 []
4 12 ms 17 ms 11 ms co_att-cisco_eth0 []
5 21 ms 20 ms 19 ms att-next-hop []
6 29 ms 29 ms 29 ms gbr1-p20.n54ny.ip.att.net []
7 31 ms 33 ms 31 ms tbr2-p013801.n54ny.ip.att.net []
8 31 ms 30 ms 36 ms tbr2-cl1.wswdc.ip.att.net []
9 73 ms 70 ms 119 ms gar1-p390.ascva.ip.att.net []
10 175 ms 200 ms 284 ms
11 51 ms 39 ms 34 ms ge-3-1-0.p440-msr1.re1.yahoo.com []
12 29 ms 28 ms 30 ms unknown-206-190-41-73.yahoo.com []
13 37 ms 38 ms 37 ms p6w6.geo.re2.yahoo.com []

Trace complete.

...And found that the site was hosted on a server own by none other than Yahoo!

I went to www.arin.net (the American Registry for Internet Numbers) and used their whois tool to lookup ownership information for the server's IP address.

ARIN's records list full information for the organization that has been issued the block of IP addresses that the server's address is part of. Included in there are abuse email addresses. And one's that work; they're the abuse email addresses ISPs use to tell each other when someone is screwing up on the net.

I forwarded the spam (with full headers) and the results of the traceroute to all of Yahoo's listed abuse addresses.

This afternoon I checked the site again, and was very pleased to see that it was down, hard. Now, any number of other people could have alerted Yahoo to this kiddie-porn emporium, but I'd like to think that I had a hand in helping get rid of this one. I can only hope that the Yahoo staff called the Feds instead of merely pulling the plug on these perverts.


( 3 comments — Leave a comment )
Sep. 15th, 2005 01:04 am (UTC)
Chlorine? Naah. How about a nice dose of pure sodium in their bathwater?

Good work, dude.
Sep. 15th, 2005 03:16 am (UTC)
Sep. 20th, 2005 09:18 pm (UTC)
Today this arrived
What a nice little form-letter pat on the head.
Date: Tue, 20 Sep 2005 13:53:08 -0700
From: Yahoo! Domains <domains-abuse@yahoo-inc.com>
To: [me]
Subject: Re: Lolitas hardcore (fwd) (KMM21562097V49904L0KM)

Dear Sir/Madam,

Thank you for contacting Yahoo! Customer Care.

Thank you for informing us about possible inappropriate content in
Yahoo! GeoCities. We will review the information provided and will take
the appropriate action.

Please continue to notify us of any questionable content you find in
Yahoo! GeoCities. We are very concerned about preventing the abuse of
our properties, and we will continue to evaluate any material that
violates our Terms of Service.

Thank you again for contacting Yahoo! Customer Care.


Yahoo! Customer Care
( 3 comments — Leave a comment )

Latest Month

January 2017


Powered by LiveJournal.com
Designed by Lilia Ahner