
| Subject: | Re: Strange SMTP sessions with 'helo=<large negative number>' syntax |
|---|---|
| Date: | Fri, 30 Dec 2005 10:49:14 +0800 |
Hi there,

I remember we were doing this in Singapore a few years back to reach some of the websites that were blocked by the provider's proxy; it was just a matter of converting an IP number (which is a 4-byte word) to the equivalent 32-bit integer. Something like:

black.box.sk => 66.250.131.132 => 0x42F48384 => 1123320708

I don't know if it works on IE anymore; on Firefox and Konqueror it doesn't.

Regards, Paolo.

Mike Davis wrote:

> hehe, didn't even notice max until i hit reply...
>
> the this be a screwy way to get some poor implementation of gethostbyname() (windows?) to interpret as an ip address?
>
> i vaguely recall an ie flaw a few years back doing something similar to disguise urls.. but i think they were removing dots like this: http://19216818/pornsite.html
>
> don't remember
>
> -phar
>
> On Thu, 2005-12-29 at 00:33 -0800, mis@seiden.com wrote:
>
> > this has been going on for weeks. i believe they're all open proxies or spambots. (some of us use this as an oracle for open proxies.)
> >
> > On Wed, Dec 28, 2005 at 04:39:14PM -0500, max wrote:
> >
> > > Hello all,
> > >
> > > I find this in my logs throughout the day today:
> > >
> > > Dec 28 16:35:52 finn postfix/smtpd[13320]: NOQUEUE: reject: RCPT from pcp0012209034pcs.blairblvd.tn.nash.comcast.net[69.245.57.210]: 501 <-1217882552>: Helo command rejected: Invalid name; from=<shuu@grandlakeindexing.com> to=<dylanfans-unsubscribe@dylanirvana.com> proto=SMTP helo=<-1217882552>
> > >
> > > Notice that helo section is a negative number (which is why my postfix rejects the message).
> > >
> > > There are about 5 messages a minute at its peak, and this has been going on most of the day today (EST time zone).
> > >
> > > Some of the connecting IP's are listed in various black lists, such as OPM.
> > >
> > > Has anyone noticed this as well? Is this a virus or just some new spam tool?
> > >
> > > Some more rejected messages below:
> > >
> > > Dec 28 16:37:50 finn postfix/smtpd[34627]: NOQUEUE: reject: RCPT from cpe-66-75-65-130.socal.res.rr.com[66.75.65.130]: 501 <-1218008120>: Helo command rejected: Invalid name; from=<Laudat@gma-consulting-fr.com> to=<dylanfans-unsubscribe@dylanirvana.com> proto=SMTP helo=<-1218008120>
> > >
> > > Dec 28 16:37:54 finn postfix/smtpd[13320]: NOQUEUE: reject: RCPT from unknown[219.130.49.89]: 554 Service unavailable; Client host [219.130.49.89] blocked using opm.blitzed.org; Open proxy - see http://opm.blitzed.org/219.130.49.89; from=<burkel@greenacresmortgage.com> to=<max@neuropunks.org> proto=SMTP helo=<-1209697480>
> > >
> > > Dec 28 16:38:10 finn postfix/smtpd[34627]: NOQUEUE: reject: RCPT from 194-144-9-218.du.xdsl.is[194.144.9.218]: 501 <-1209697480>: Helo command rejected: Invalid name; from=<brenno@grandslamtennistours.com> to=<max@neuropunks.org> proto=SMTP helo=<-1209697480>
> > >
> > > Thanks,
> > > Max
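
The IP-as-32-bit-integer reading raised in this message can be checked against the reject lines quoted in the thread. The following is an added example, not part of any message in the thread: it assumes the bare-integer HELO is a signed 32-bit rendering of an IPv4 address, decodes it in both byte orders, and compares the result with the connecting client address. The function names are hypothetical, and the sample lines are the thread's log entries trimmed of their from=/to= fields.

```python
import ipaddress
import re

# Constructed sample: the reject lines quoted in the thread, trimmed to the
# fields this check needs (client address in brackets and the helo= value).
SAMPLE_LOG = """\
Dec 28 16:35:52 finn postfix/smtpd[13320]: NOQUEUE: reject: RCPT from pcp0012209034pcs.blairblvd.tn.nash.comcast.net[69.245.57.210]: 501 <-1217882552>: Helo command rejected: Invalid name; proto=SMTP helo=<-1217882552>
Dec 28 16:37:50 finn postfix/smtpd[34627]: NOQUEUE: reject: RCPT from cpe-66-75-65-130.socal.res.rr.com[66.75.65.130]: 501 <-1218008120>: Helo command rejected: Invalid name; proto=SMTP helo=<-1218008120>
Dec 28 16:37:54 finn postfix/smtpd[13320]: NOQUEUE: reject: RCPT from unknown[219.130.49.89]: 554 Service unavailable; Client host [219.130.49.89] blocked using opm.blitzed.org; proto=SMTP helo=<-1209697480>
Dec 28 16:38:10 finn postfix/smtpd[34627]: NOQUEUE: reject: RCPT from 194-144-9-218.du.xdsl.is[194.144.9.218]: 501 <-1209697480>: Helo command rejected: Invalid name; proto=SMTP helo=<-1209697480>
"""

# Client address in brackets after "RCPT from", then a bare (possibly negative) integer HELO.
LINE_RE = re.compile(r"RCPT from \S*\[(?P<client>[0-9.]+)\]:.*\bhelo=<(?P<helo>-?\d+)>")


def helo_candidates(value):
    """Return (network-order, byte-swapped) dotted quads for a bare-integer HELO."""
    if not -2**31 <= value < 2**32:
        return None                      # does not fit in 32 bits at all
    word = value & 0xFFFFFFFF            # undo the signed 32-bit rendering
    raw = word.to_bytes(4, "big")
    return (str(ipaddress.IPv4Address(raw)),
            str(ipaddress.IPv4Address(raw[::-1])))


def analyse(log_text):
    """Return (client_ip, helo, candidates, matches_client) per numeric-HELO line."""
    results = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue                     # no bare-integer HELO on this line
        helo = int(m.group("helo"))
        cands = helo_candidates(helo)
        matches = cands is not None and m.group("client") in cands
        results.append((m.group("client"), helo, cands, matches))
    return results


if __name__ == "__main__":
    for client, helo, cands, matches in analyse(SAMPLE_LOG):
        print(f"{client:15} helo={helo:<12} as IPv4: {cands} matches client: {matches}")
```

On the four lines quoted in the thread, neither byte order reproduces the connecting client address.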