CastleCops, Internet Crime Fighters
XIN NET Removals
trobbins

SIRT Handler
Premium Member

Joined: Feb 19, 2007
Posts: 1171
Location: USA
Premium

Posted: Tue Jun 03, 2008 9:41 pm

Ignore #7

In the beginning when that page failed to load and I didn't realize I could go directly to the edit page, I abandoned it and started over with Todaynic2.

tembow

Blue Angel
Premium Member

Joined: Oct 10, 2005
Posts: 2901

Blue Security Premium

Posted: Tue Jun 03, 2008 10:19 pm

Use the Wiki sidebar and see Recent Changes.
Also the overview to links across registrars at
http://wiki.castlecops.com/Bulk_Spam_Reporting

trobbins

SIRT Handler
Premium Member

Joined: Feb 19, 2007
Posts: 1171
Location: USA
Premium

Posted: Thu Jun 05, 2008 2:30 am

The wiki is now up to date!

AlphaCentauri

SIRT Handler
Premium Member

Joined: Nov 20, 2003
Posts: 2776

Premium

Posted: Thu Jun 05, 2008 2:39 am

trobbins wrote:
The wiki is now up to date!


Thanks! I am constantly in awe of your ability to track all these domains.

tembow

Blue Angel
Premium Member

Joined: Oct 10, 2005
Posts: 2901

Blue Security Premium

Posted: Thu Jun 05, 2008 9:30 am

Acting as a trigger for Xin Net, the wiki entry for Xin Net is proving a wonderful means of cleaning up a huge backlog of illegal domains.

In the past two weeks, Xin Net has gone from a rate of <2% compliance to 60%, and we are talking 13,000 identified sites.
The remaining 5,460 are being removed today, and the task is more than half way through already.

If Xin Net can match TodayNic-1 at 100% of 1,650 requests, we will have a major turn-around. And at the rate they are going, that looks achievable before the end of the next week.

Huge kudos goes to trobbins for tracking and reporting all these sites.

tembow

Blue Angel
Premium Member

Joined: Oct 10, 2005
Posts: 2901

Blue Security Premium

Posted: Thu Jun 05, 2008 1:10 pm

Today, working into the night, Xin Net removed all but a tiny few of the 13,280 spammed sites reported in the Wiki at http://wiki.castlecops.com/Bulk_Spam_Reporting#Overall_results

Congratulations to the team of "digilantes" who put this campaign together, with an unprecedented result.

trobbins

SIRT Handler
Premium Member

Joined: Feb 19, 2007
Posts: 1171
Location: USA
Premium

Posted: Fri Jun 06, 2008 3:21 am

461 new domains added to the wiki since 2008-06-04

AlphaCentauri

SIRT Handler
Premium Member

Joined: Nov 20, 2003
Posts: 2776

Premium

Posted: Fri Jun 06, 2008 5:38 pm

I thought I'd gather the Chinese names of these companies to make it easier to tell which is which. Unfortunately, it turns out those names are a lot more similar than the English names would suggest. But here goes:

TodayNIC = 广东时代互联科技有限公司
广东: Guangdong
时代: Era
互联: of the Internet
科技: Technology
有限: Limited
公司: Company

Bizcn.com = 厦门华商盛世网络有限公司
厦门: Xiamen
商盛世: Towards Prosperity
网络: Internet
有限: Limited
公司: Company

Xin Net = 北京新网数码信息技术有限公司
北京: Beijing
新: New
网: Net
数码: Digital
信息: Information
技术: Technology
有限: Limited
公司: Company
(but usually you just see 新网 "New Net")

Beijing Innovative Linkage Technology (BILT, dns.com.cn) = 北京新网互联科技有限公司
北京: Beijing
新: New
网: Net
互联: Internet
科技: Technology
有限: Limited
公司: Company
(Their logo has 新网互 -- plus a fourth character that doesn't seem to want to copy and paste -- which is basically new (xin) net internet).

It must be lots of fun telling them apart in Chinese.

AlphaCentauri

SIRT Handler
Premium Member

Joined: Nov 20, 2003
Posts: 2776

Premium

Posted: Sat Jun 07, 2008 10:28 am

Just figured out bizcn.com's logo: 商务中国
商务: business
中国: in China

And I just got spammed with some Penis Enlarge Patch/Anatrim/Erectofix domains registered as .com.cn domains by 北京新网数码信息技术有限公司 (Xin Net) using a registrant name 李小惠 (Li Xiaohui).

Those sites had been using U.S. residents' stolen identities to be registered with more "legitimate" registrars in the past. Did they think we wouldn't figure out this is Xin Net? Talk about out of the frying pan, into the fire.

trobbins

SIRT Handler
Premium Member

Joined: Feb 19, 2007
Posts: 1171
Location: USA
Premium

Posted: Sat Jun 07, 2008 5:02 pm

I noticed that too last night. I have 370 registered at 北京新网数码信息技术有限公司 (XIN NET). I'm going to add them to the XIN NET wiki page.

kamaraju

Corporal


Joined: Mar 07, 2007
Posts: 65
Location: USA

Posted: Wed Jun 18, 2008 5:54 pm

I have a question about http://wiki.castlecops.com/index.php?title=XIN_NET_Removals#Name_Servers . I have a bunch of nameservers that I have reported to Xin Net via complainterator. I would like to add these nameservers in the above link. That way I can track the progress of my complaints. However, I do not know in what category these nameservers fit in. For example, when I reported successand[dot]com, complainterator also reports ns0[dot]yourfastbox[dot]com etc. But I am not sure if all the sites in ns0[dot]yourfastbox[dot]com are of "canadian pharmacy" type. How can I find out the category for a given nameserver? Is there any deterministic way of doing this?

thanks in advance

AlphaCentauri

SIRT Handler
Premium Member

Joined: Nov 20, 2003
Posts: 2776

Premium

Posted: Wed Jun 18, 2008 6:58 pm

kamaraju wrote:
How can I find out the category for a given nameserver? Is there any deterministic way of doing this?


Unfortunately, you pretty much have to look at each domain and see what site they load. There are some useful tools on the spamtrackers site http://spamtrackers.eu/downloads/

IDSpam: will take a list of domains and look up the registrar from the whois, the title from the page source, or both, and output in a text file. If you have a list of domains on URIBL or some similar feeds, it will take that as input without you having to extract the list of domains yourself.

Downsides: Some heavily spammed brands, such as Elite Herbal or Canadian Health&Care Mall/My Canadian Pharmacy, will count how many times you visit from the same IP and start giving you a blank page. And the Elite Herbal/King Replica/Canadian Healthcare folks are great for rearranging which brand is on which domain. If you are posting to SiteAdvisor, for instance, your reviews have to take that into account or they won't make any sense a week later.

Also, since you are actually visiting these websites, all the usual cautions apply about avoiding malware. I would use a browser other than Internet Explorer and have JavaScript turned off, e.g. via the NoScript extension for Mozilla browsers. And I'd be sitting nearby to make sure nothing tried to download a file by refreshing the page (generally IDSpam moves to the next lookup too fast for that to happen, but if you see a spam page hanging, watch out for a download window popping up so you can pause the program and cancel the download). In the unlikely event you miscalculate what type of domains you are looking up and you see kiddie porn images on a site, terminate IDSpam and report the domain to Cybertipline (http://www.missingkids.com/cybertip/) to protect yourself from any possibility someone could accuse you of "viewing child porn," since those images will be on your hard drive.

Prefix: will take a list of domains in a text file and do various repetitive tasks from the command prompt window. You can get the list of which domain is on which IP, for instance (good for distinguishing live from parked from dead domains), look up the whois for each domain and search for terms like "clientHold" or the name of the registrar, etc. This is a faster way to do the registrar lookup than IDSpam, but it won't be able to tell you the spam brand. If you are looking up whois info, it is subject to the usual limitations, e.g., the information may not be up to date, or a site that does not say "clientHold" may still be dead for other reasons, at least temporarily.

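The whois triage described in the post above (registrar lookup, a search for "clientHold", and a view per name server) can be sketched as follows. This is an added example, not part of the thread and not the code of the Prefix or IDSpam tools; the whois excerpts, domains and registrar names are constructed placeholders, and the field labels assume a "Registrar: / Name Server: / Status:" layout.

```python
import re
from collections import defaultdict

# Constructed whois excerpts (not real lookups); placeholder names throughout.
SAMPLE_WHOIS = {
    "pills-one.example": """
   Registrar: EXAMPLE REGISTRAR A
   Name Server: NS0.DNS-ONE.EXAMPLE
   Name Server: NS1.DNS-ONE.EXAMPLE
   Status: clientHold
""",
    "pills-two.example": """
   Registrar: EXAMPLE REGISTRAR A
   Name Server: NS0.DNS-ONE.EXAMPLE
   Status: ok
""",
    "watches.example": """
   Registrar: EXAMPLE REGISTRAR B
   Name Server: NS0.DNS-TWO.EXAMPLE
   Status: clientDeleteProhibited
""",
}

FIELD = re.compile(r"^[ \t]*(Registrar|Name Server|Status):[ \t]*(.+?)[ \t]*$",
                   re.I | re.M)

def parse_whois(text):
    """Pull registrar, name servers and status codes out of one whois reply."""
    rec = {"registrar": None, "name_servers": [], "statuses": []}
    for key, value in FIELD.findall(text):
        key = key.lower()
        if key == "registrar":
            rec["registrar"] = value
        elif key == "name server":
            rec["name_servers"].append(value.lower())
        else:  # status line: keep the code, drop any trailing URL
            rec["statuses"].append(value.split()[0].lower())
    return rec

def triage(whois_by_domain):
    """Group domains by name server, split on whether whois shows clientHold."""
    by_ns = defaultdict(lambda: {"held": [], "not_held": []})
    for domain, text in sorted(whois_by_domain.items()):
        rec = parse_whois(text)
        # No clientHold in whois does not prove the site is live (stale data, dead host).
        bucket = "held" if "clienthold" in rec["statuses"] else "not_held"
        for ns in rec["name_servers"]:
            by_ns[ns][bucket].append(domain)
    return dict(by_ns)
```

Calling `triage(SAMPLE_WHOIS)` returns one entry per name server, which is the shape needed to track a complaint against a name server rather than against each domain separately.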
ahoier

SIRT Handler


Joined: Jan 14, 2006
Posts: 1065
Location: USA

Posted: Wed Jun 18, 2008 7:25 pm

The reference to 北京新网数码信息技术有限公司 could/should/may also be added to the "long list" of "AKAs" for XIN Net Tech.... AKA SINO-I...etc.etc.etc

I find myself google searching those characters quite a bit

Luckily the "XIN Net Removals" post on the forums is in spot number 4 (under the "local businesses"/onebox search....), for that query lol.

trobbins

SIRT Handler
Premium Member

Joined: Feb 19, 2007
Posts: 1171
Location: USA
Premium

Posted: Wed Jun 18, 2008 8:20 pm

ahoier wrote:
The reference to 北京新网数码信息技术有限公司 could/should/may also be added to the "long list" of "AKAs" for XIN Net Tech.... AKA SINO-I...etc.etc.etc

I find myself google searching those characters quite a bit

Luckily the "XIN Net Removals" post on the forums is in spot number 4 (under the "local businesses"/onebox search....), for that query lol.

Like Todaynic2, that is another branch of XIN NET used for registering .cn domains. Originally, I had included Todaynic2 .cn domains on the same page as Todaynic's .com domain, but then I started to get 1,000's/week of .cn domains, so I started a separate page for .cn domains. I will do the same for XIN NET .cn domains if they start to increase in number.

trobbins

SIRT Handler
Premium Member

Joined: Feb 19, 2007
Posts: 1171
Location: USA
Premium

Posted: Wed Jun 18, 2008 8:26 pm

kamaraju wrote:
I have a question about http://wiki.castlecops.com/index.php?title=XIN_NET_Removals#Name_Servers . I have a bunch of nameservers that I have reported to Xin Net via complainterator. I would like to add these nameservers in the above link. That way I can track the progress of my complaints. However, I do not know in what category these nameservers fit in. For example, when I reported successand[dot]com, complainterator also reports ns0[dot]yourfastbox[dot]com etc. But I am not sure if all the sites in ns0[dot]yourfastbox[dot]com are of "canadian pharmacy" type. How can I find out the category for a given nameserver? Is there any deterministic way of doing this?

thanks in advance

I have a single field for brand in my db and I put every brand I know of for each name server in that field. When I export the name servers, they are grouped by the brand field. That is how I put them in the wiki. Now, I didn't put all the name servers there yet, I only added a few to get them started and to see if they could suspend them successfully first before adding any more. I have about 3x as many name servers left as are listed waiting to be put in the wiki.
