Why are we getting Russian spam?

[zombie]

"Zombie, that is interesting info about the source servers. I'm interested to hear where you found it. "

Pm'd.

Yeah... No need to piss these guys off, and start a muscle flexing contest. They have the entire net to mess with. It's like a few million, against one fight.
You got US tho (if that helps)...

[1g0g]

in Russia, too, a lot of spam before Christmas, many believe that this is an American spam))

[bluesin]

Avoid ALL posts by AlbertMer today ( unless you want to play casino games with Russian hackers ) .

[1g0g]

 

[zombie]

The US is just as guilty as everyone else with one real exception. The rest of the world is busy finding zombie computers to spread the spam, while the US is actually hacking servers around the world to seize control, and eventually shut down the net.

If your next question is "How do you know this?"

I was at the meeting...

[1g0g]

If your next question is "How do you know this?"
I was at the meeting...

 

[zombie]

    

[zombie]

Ok, here it is in real time...
 I just got a "port scan". The IP is  (94.102.51.20)
Went to...   http://whatismyipaddress.com
The ip comes back...
General IP Information

IP:   94.102.51.20
Decimal:   1583756052
Hostname:   94.102.51.20
ISP:   Ecatel LTD
Organization:   Ecatel LTD
Services:   None detected
Type:   
Assignment:   Static IP
Blacklist:   
Geolocation Information

Country:   Netherlands nl flag
State/Region:   Noord-Holland
City:   Amsterdam
Latitude:   52.35  (52° 20′ 60.00″ N)
Longitude:   4.9167  (4° 55′ 0.12″ E)

Google search for Ecatel LTD...
Cloudflare and Ecatel working together to help Cyber crimals ...
www.webhostingtalk.com › ... › Dedicated Server
Aug 14, 2012 - 15 posts - ‎7 authors
I am here to inform you all of Ecatel's and Cloudflare's relationship. Ecatel want proof of there clients doing anything illegal? Well isn't hosting a ...

This is what most of you are not seeing happen to your PC's.
If there is any flaw in your security (ie: your PC returns their ping) your PC is now the one that is forwarding their spam/or worse.
They find an open in port, transmit their data which flows thru your out port, and carries your IP to the next destination.
Generally they are looking for zombies. Computers to do their bidding. The more they find the larger their influence on the net, and the more spam they can deliver.

To stop them you need either Fort Knox firewall or Eset NOD firewall, AND Peer Block.
Fort Knox or ESET are the only firewalls I know of the report both port scans, AND MAC spoofing. Once they report a potential attack you can add that IP to Peer Blocks block list, and sleep tight.

Without these reports... there is no way of knowing if/when you are zombified.

[bluesin]

Thanks for the info ! Good to know.

[zombie]

It's more important than most think. Cyber attacks are not happening less often.

They are happening thousands of times an hour. It's a game of odds if your system is using sub par or antiquated security.
The firewall is the front line of defense.

This is where you go to test your firewall. I'll bet 80% of you that take the test will fail.
If you do, I can show you where to get what you need for free.

https://www.grc.com/x/ne.dll?bh0bkyd2

[zombie]

Here's an update on all this...

My GF, and her GF were using my living room PC. It's a sophisticated rig to say the least.
I can manage it because I built it but these two gals had no clue what all the warnings/notifications meant.

They went about their business, and shut it down. When I powered up this morning I started seeing, "Florida Dept. of Banking and Finance" show up on PeerBlock.
Looking at the source it was originating from MY PC.

Open the firewall logs to find my Opera Browser auto Update is the program sending this. Opera was not even running, just the updater.

I ran several virus scans/nothing. I ran several "rootkit" checks/nothing. I ran several Malware checks/nothing.

Finally I opened the Opera folder, and removed the auto update file, and re-installed a new EXE. file.
The traffic stopped.

I was not here when this began so I can not say where this "Worm?Trojan" came from but without PeerBlock, and the firewall combo I have, my PC would be doing who knows what, and who knows where.

My suspicion is my computer was zombified to do someone else's dirty work.
It's a scary place, the web... Just for example... PeerBlock is right now set on my pc to block 1,339,593,233 ip's
That's Billion w/ a B. These are only the KNOWN ip's you don't want contacting or being contacted tru your pc.

Check it out for yourself. You'll be amazed at what is connecting thru your pc every time you switch it on...

http://www.peerblock.com/

https://www.iblocklist.com/

Here's another Very good firewall... free. It does NOT detect MAC spoofing but it does log everything.

http://www.privacyware.com/products.html

[GLV55]

Ummm.....wow.....way over my head. Just glad you're on our side, Z. (You are on our side, right?)

[zombie]

!,000,000,000,000 % GLV!

I actually know very little about all of this stuff. I do know enough to follow the bread crumbs but that's about it.
Coding is like magic/alchemy to me so I stick to software, and researching cures to problems.

Another example... 2 nights ago I was D'loading that movie "The Interview". (the one N.Korea is "supposedly" upset about)
Normally I see a lot of "anti P2P groups based in the US attempting to infiltrate, and stop p2p swarms.

On this torrent there are dozens of China based organizations attempting to stop it or at least get info on who/where. Chinese universities/Govt. based organizations, and LOTS of different IP's based in Beijing. Normally they don't bother with pirate traffic.

Just sayin... There are MANY more bad guys out there than just the NSA.

Ps... If you get the chance to see that movie... go for it. It is F'n funny!!!

[GLV55]

Thanks for the tip on the movie!

[zombie]