« previous next »
Pages: [1]   Go Down

Author Topic: Bad events - forum spam from IP...  (Read 1322 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34057
  • malware fighter
Bad events - forum spam from IP...
« on: April 03, 2017, 10:52:25 PM »
Full bogons....

See: http://urlquery.net/report.php?id=1491251332546
Flagged here: http://www.projecthoneypot.org/list_of_ips.php  ->  http://www.projecthoneypot.org/ip_5.188.211.72
See: https://stopforumspam.com/ipcheck/5.188.211.72
Reported as spammer IP: https://cleantalk.org/blacklists/5.188.211.72
On blocklist: https://www.blocklist.de/en/view.html?ip=5.188.211.72&page=1651
See: https://myip.ms/view/blacklist/96260936/Blacklist_IP_5.188.211.72

Excessive server info proliferation detected - Potentially risky methods: TRACE  Apache httpd 2.2.15 ((CentOS))
Apache HTTP Server Test Page powered by CentOS  Netcraft risk status 9 red out of 10.

polonus
« Last Edit: April 03, 2017, 10:57:05 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89675
  • No support PMs thanks
Re: Bad events - forum spam from IP...
« Reply #1 on: April 03, 2017, 11:09:02 PM »
Not sure who this applies to the forums as we have no members with that IP.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34057
  • malware fighter
Re: Bad events - forum spam from IP...
« Reply #2 on: April 03, 2017, 11:39:32 PM »
DavidR,

This is not particularly meant to deal with the problem of spam (content spam) at these here forums.
I would certainly not go into details about that here, and one could easily understand why.

The analysis is just a way to demonstrate how one could check a particular flagged IP against such abuse listings.
The example is just completely  random and recent. So the "reported" in there should NOT be read as 'reported here'.

This does not mean to say that eventual spammers of avast support forums here could not be dealt with through similar methods of checking where they came flagged, mostly over rather recent periods. It is just to explain the methodology what I posted here.

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »