suzyrice.com Rotating Header Image

CALLING 9/11:

BD21298_.gif Perhaps everyone should start calling alestra.net.mx. and yelling, “stop it!”

But block your number first if you do because, otherwise, I get the impression that your number just might not be regarded with much respect if it’s captured.

ALESTRA.NET.MX
148.244/16
inetnum: 148.244/16
status: reallocated
owner: Alestra
ownerid: MX-ALES-LACNIC
responsible: Inet Administrator
address: Ave. Munich 175, Col. Cuauhtemoc, 175,
address: 66450 – San Nicolas de los Garzas – NL
country: MX
phone: +52 81 87486201 [6201]
owner-c: INA2
tech-c: INA2
inetrev: 148.244/16

Added suggestions/more information:

BD21298_.gif BAN ALESTRA.NET.MX:
148.244.150.58 (open proxy)
148.244.150.57 (also open proxy)
207.248.240.119 (new)
207.248.240.118

148.144.15.X and 207.248.240.X

BD21298_.gif BAN MEXICO PROXY FIREWALLS:
148.208.135.5
148.223.42.82
148.223.42.85
148.223.105.82
148.223.216.167
148.223.216.173
148.244.153.253
148.244.150.52
148.244.150.58
200.34.99.9
207.248.240.119
—————-
64.234.220.141
219.95.14.69
219.150.118.16

209.210.176.0 – 209.210.176.63
CIDR: 209.210.176.0/26

BD21298_.gif And then consider calling your local police and writing to your Senators for purposes of complaining about a threat to national security from ongoing abuses using the internet — by trackback, referral and comment spammers, a lot of which is being pushed along by alestra.net.mx.

One anti-spam blogger (“Spam Huntress“) asserts that this (particularly aggressive trackback/commentor/referrer spamming) is the result of the actions by one “spam ring run out of Bulgaria” (and also offers other useful ideas). But that site also suggests banning alestra.net.mx due to the huge amount of junk alestra.net.mx is spewing (do a google search of their domain name and then just look at all the spewing from their servers — and that open proxy particularly — all over the internet). Obviously, alestra.net.mx and the Bulgarians have a relationship. A very, very offensive relationship.

Moreover, I’ve looked over so many other site stats published on the internet, easily locatable by searches for any one or a few of the ongoing spammer attempts to this blog (and so many others, from what I read), and I find that the same group of numbers (however extensive) is identified to most of us with blogs. And then block the most often repeating offending I.P.A.s from your server’s (or servers’) .hta access, preventing them from accessing your domain.

Also, as most of us conclude, yes, there’s a zombie-network of infected computers being used to send out the spam (another area for improvement and that is to get people to maintain better housekeeping and security habits on the computers they use, and networks who need to improve their security habits).

But, even blocking the offending I.P.A.s from a server’s .hta access does not, unfortunately, prevent the offenders from ongoing hits to a site address and your server from having to respond to those hits…if ever I’ve experienced online terrorism, this is it. And, even though the Movable Type Blacklist plugin does not prevent the offenders from attempting access to my/any site, such that the problem remains that servers are easily overwhelmed by these creeps, and if not overwhelmed, at least easily and very often preoccupied by them. The bandwidth is paid for by us end-use customers, as is our connectivity itself, to further the insult: it is unwelcome, ongoing and aggressive use of end-user resources without invitation or permission and, worse, relentless without regard for end-user responses.

Our legislators need to do something to effectively bring about an end to this sort of attack on internet resources. Since many proxy addresses are (also) blocked by me from visiting this domain/blog site on that domain — as with huge ranges of I.P.A.s from countries most irresponsible about their networks (those in China, Bulgaria, Africa, Mexico, Guatemala, Columbia, Brazil, some in Pakistan and many in Iran, worse) — and what you end up with is many random individuals blocked from reading sites in other parts of the world and all because irresponsible spammers chug out crud 24/7 and mostly aimed at a lot of sites in the United States (and elsewhere, but since I’m a citizen of and reside in the U.S., that’s my focus as to this issue and discussion about it). Which equals to my view a targeting effort to close down internet communications.

From the last three days, I have over one hundred comment/trackback spammer attempts from 148.244.150.58 and 148.244.150.57 (alestra.net.mex) and that’s just those two offenders — from many other repeat offending I.P.A.s, there are many more hundreds of failed trackback and commment spam attempts. It’s their very insistence on interacting with my server that bothers me at this point.

BD21298_.gif As to referral spam, that appears (so far, based upon my site stats) to mostly originate from the same I.P.A.s located in China, since the many ongoing permutations of bogus site URLs are identifiable as being from the same few I.P.s, as follows:

I.P.A. –> 64.4.195.62
= zeus.anet-chi.com
64.4.200.0/22
64.4.192.0/19

and,

I.P.A. –> 219.150.118.16
= CHINANET and CHINATELECOM
219.150.112.0 – 219.150.255.255

and,

Trackback/Referral/Comment Spammer Servers:
64.4.195.62
= > 64.4.192.0 – 64.4.223.255
Naperville, ILL (backbone…)
64.4.195.62 (CHINA)
64.27.27.150 (CHINA)
64.27.27.203 (CHINA)
64.234.220.141
66.154.7.97
66.154.58.173
82.147.142.46
209.59.165.114 (Deprecated; all domains moved from the host)
212.95.167.236
219.150.118.16
221.10.224.230

include…
161.58.59.8
219.150.2.2
219.150.1.1

BD21298_.gif When I have more available time later this week, I’ll post the long list I have collected of the ongoing offending I.P.A.s who have contacted this site. As I wrote earlier, and as most users are aware (a rhetorical point, again, here), although most if not all of these spammer offenses are (now) blocked by MovableType’s Blacklist and a few other program tweaks, my server still has to bear the brunt of the inquiries from the spammers and from what I can easily read in logs and site stats, there is a great abuse of computing resources being caused by these irresponsible spammer hacks.

And hacks they are. Security measures, realistically, that I can think of that might be at least effective measures to bring about remedies to this problem are…all that comes to mind is a visit to servers responsible by a few big guys wielding sledge hammers and a few more with backhoes outside, destroying hard wiring.

I’m sure someone else with greater skill can think of more effective and simpler helps from a point of technology, but the fact that some in our world can so abuse the computing resources of others and remain unpunished, much less remain fixed in their deeds, is very offensive to my view. Much less expensive in time and energy involved in even discussing, much less remedying, end-user harms caused by this huge volume of harrassing and offensive, unwelcome contact.

Obviously, those responsible for the unwelcome internet contact are not going to stop what they’re doing, so it’s up to some of the rest of us to bring about an end to what they’re doing. Otherwise, we’re part of the problem.

NOTE:

BD21298_.gif Public Proxy Servers can be found here — many of them are used to harass the rest of the world by those who harass the rest of the world via the internet and many of the server I.P.s are easily recognizable to those who read their site logs, as to ongoing spam attempted there.

BD21298_.gif Oppleman offers a great site for reference purposes.


C O M M E N T S : now closed