Domain: 2mbit.com
Stories and comments across the archive that link to 2mbit.com.
Comments · 14
-
Re:What about....
Is this Ralsky's house?
I know from the Tiger-2004fe dataset that the street address should be along that section of road.
From the pictures that are out there, it looks like it might be it.
It's hard to tell for sure. It might be the one to the north, which was still under construction as of 2002-04-10.
Looks like a pretty nice area, although since the wooded area behind it appears to be floodplain/swampland, I'll bet there are a lot of annoying bugs during the summer. -
Mailing List
I've setup a mailing list for discussion of the SiteFinder issue. Its unmoderated, and open discussion.
http://wwwapps.2mbit.com/mailman/listinfo/sitefind er-discuss -
What about the jobs they create for us?The high energy blather at the EMarketersAmerica.Org website (as mirrored here includes this tidbit:
And, most importantly we create jobs!
Which, I suppose is true: I work for a medium sized University, and 4 of our 40+ employees in Info Services work at least part time on fighting spam. Of course we all overworked, so there would be other things for them to do.
But what about the tens of thousands of dollars we spend to keep our email systems able to store a dozen T-bytes of spam? That's important for the economy too, right?
Sort of like how criminals help the economy by necessatating prisons, hand cuffs, bullets for themselves and the police, etc.
Yeah, that's the ticket.
-
MD5 Checksum, Mirrors, et cetera, for W.A.S.T.EWhile there are a lot of mirror sites that you can download W.A.S.T.E., please make sure that the file or filess you have downloaded is genuine, and not been corrupted.
The MD5 Checksums for the various W.A.S.T.E. files are:e3609e352afba37683c47ce60f9086bb for the waste-setup.exe
554cfa7350333aa4e6eb3b6e24201d80 for the waste-source.zip
5645d0378b5bca6d2cf337686dca9a4d for the waste-source.tar.gz
115d1a2554db4490bdf97b9862df5 a24 for the waste.zipThe Technical Overview for the W.A.S.T.E. package has been coverted into HTML, courtesy of Mr. Lucas Gonze , and it is available at http://gonze.com/waste/WASTE_Design.html
A sourceforge project site has also been set up for the W.A.S.T.E. package. The project site is at http://sourceforge.net/projects/waste/ . It may be empty for the moment, but something will be cooked up very soon.
Below is just a partial list of mirrors for the W.A.S.T.E. package that are currently in operation:Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package
Kindly please click here to find out more about the W.A.S.T.E. package -
Re:Mirror
Oh, and for those who want to mirror it themselves:
http://waste.2mbit.com/waste.zip
That is the full website and sources. -
Mirror
I've setup a quick mirror at:
http://waste.2mbit.com
If you know of any other mirrors of the data, please e-mail me so I can add them to the main page. -
The only spam conference needed...
This problem is not difficult to solve. All you need is a "conference" of enraged global villagers marching up the road to Alan Ralsky's house equipped with dynamite, pitchforks, Bayesian filters, and burning torches! We could bring some diplomas from prestigious nonaccredited universities to get the fire going. And afterwards everyone gets Chinese food.
OK, maybe it wouldn't solve the problem, but it would make great reality TV. Wouldn't you rather watch a spammer get lynched than sit through yet another gold digger beauty pageant on FOX?
-
PICS OF THE RALSKY HOME
Looks a bit like Bates Motel if u ask me.
http://2mbit.com/egg/gallery/ -
Re:Any Updates
I've posted my story on a website here. I got too curious and decided to go for a ride, since this guy was right on the way home from a service call at work. Best to hit the photo mirrors here so the photo sites can be a bit more distributed.
I had a story submission on this that Taco and his bunch have sat on since Friday morning. Why?
Rich -
Ralskys House
I guess you're all interested in this, ok, more or less
:) Yes, the Jaguar actually followed the spotter and he got threaten on his voice mailbox. Mirrors here. -
It sure did for usI consult with a small ISP in Kansas. We started using MAPS' DUL and RSS quite a while back (zone transfers). Then I added the ORSS (zone transfers) which also gave me SPEWS, Spamhaus Block List (SBL), and SpamSites.org. When MAPS went commercial, we bought zone transfer rights to the RSS and DUL. About that same time I also added RSL, Summit Blocking List (SBL), and FlowGoAway who doesn't have a website. On top of all that I also reject mail from domains that don't resolve and I maintain an extensive Sendmail access list full of Alan Ralsky's domains, spam supporting providers like Broadwing, spamware vendors, and domains and IPs of every spamming outfit I come across. In total I'm up to 4682 entries. Oh, and I also filter message bodies on certain content that identify unique pieces of spam like all those "Enter your email address on this website to be unsubsribed" things. Works great. This time last year I was filtering maybe 10,000 pieces of spam per week. I'm over 100,000 pieces of spam per week now. Considering we only have 2500 users, that's a lot of filtered spam. Roughly 40 per person per week.
What all of this rambling means is that you can filter out a great deal of spam with the right DNS blacklists. I only use DNSbl's that allow zone transfers because I don't want network latency to slow down mail delivery. It really is a worthwhile thing to do.
Finally the best thing that you can do for your users is educate them. Give them very clear examples of how doing simple things like giving your personal email to a credit card company, entering it in a guestbook, using it in USENET, using it on any public discussion board, and many more can increase their spam intake many fold. Explain that to them. Show them the proof. It's not hard to generate spam. Hell create a dummy account and make a few posts in the newsgroups. Never give the address to anyone else and don't use it yourself. Give it a week. Then show the results to your users as proof of USENET address harvesting.
Finally, don't be part of the problem (this is to the parent of the article). Be proactive in fighting spam. Sitting back and bitching about it doesn't help anyone. If you put up a server that's an open relay then you fucked up. It's your responsibility as an administrator to make sure you do your job right. Putting up and open relay isn't doing your job right (are you listening all of you damned Exchange admins?! 90% of the open relays I find and report are running Exchange!!!). When you get spam, report it (called LARTing). Drop a copy to uce@ftc.gov. Reporting stock spam to the SEC. Report bogus drug scams (loose 100lbs tonight while you sleep!) to the FDA. Report Nigerian Monet scams to the Secret Service. Report the spamertised sites to their providers and ask that they investigate (don't accuse in case it's a Joe Job). Parse through the headers and learn to identify relayed spam, BS headers, and other tricks of the trade. Submit open relays for listing in all the open relay blacklists. Report it to the owner of the IP as well. DO YOU PART! If you're not going to do you part to fight spam or ensure that you're servers are properly configured, THEN GET YOU SERVERS AND YOUR ASS OFF THE 'NET BECAUSE YOU DON"T BELONG IN THIS COMMUNITY!! Don't be part of the problem.
-
My offer is open
Well, my offer is still open from the last sourceforge rounds.
If you want hosting, no ads, no hidden requirements, no surprises, let me know. The SOSDG is run by individuals, not by any company.
The Summit Open Source Development Group -
Re:Somethi-N-g most forget
"Have a place to submit spam incidents, such as a web form. Then process them to look for patterns."
Have you ever tried to run more than a handful of LARTS through a web form? It's a nightmare. I have 1200 pieces of Broadwing.net spam that I need to LART tonight. I don't know how I'd LART all of them via a web form.
Patterns aren't something that the average Joe would pick up on anyhow. Few people noticed that recently more and more spam uses a spoofed From: in the form of BSUser@yourowndomain.tld. If they do want to look for patterns, they could easily view thousands of spam reports in news.admin.net-abuse.sightings. Numerous people post their spam to it.
Provide separate zones for blocking sources of spam, and blocking web sites and ISPs where spammers might be hosting a web page. Not everyone wants to block the latter; I only want to block the source of spam."
Many DNS blacklist authors do just this. MAPS is a good example. You have the DUL which lists dial-up IPs only. The RSS which lists known && abused open relays. The RBL contains ISPs that are known to harbor spammers or at least be neutral to their abuse and ignore abuse complaints. The RBL+ is a combination of those 3. All 4 of those are their own zones. SPEWS lists
/24's from which spam originates. Occasionally they'll even list a whole provider that harbors spammers or spamware sites, repeated lies to people that mail abuse@, or are known to bit bucket abuse complaints. relays.osirusoft.com hosts many lists. Individual queries can be made to for any of the lists it hosts or you can transfer them all at once in a big zone file. relays.visi.com is the home of the RSL. It only lists open relays that have been abused, like the RSS and relays.osirusoft.com's base DNSbl. blackholes.2mbit.com is the home of the SBL (Summit Block List), not to be confused with the SBL (Spamhaus Block List) which is hosted by osirusoft. The Summit Block List contains abused open relays and hosts that have been directly involved in spamming. The Spamhaus Block List contains "known spammers, spam gangs, or spam support services" and is "by the same team that maintains the ROKSO database", a list of those spammers."Some anti-spammers are on a crusade to maximize collateral damage. I am not. I won't block a whole ISP because of a spammer unless that ISP is making it difficult to isolate and focus on the spammer."
In a small way I agree. I used to feel like you do now. I was very leary about blocking an entire ISP just because of the possibility of lossing legit mail. I quickly came to realize that blocking just a small piece of that ISP that's know to spam wasn't solving the problem. They'd just move elsewhere within that ISP.
"If they corner the spammer operation to a specific static subnet, I'll gladly block that, and I'd want to use a DNS blacklist that is equally focused."
This doesn't accomplish anything in the long term and little in the short term. Sure you block some spam from a spammer for a couple of weeks but they'll quickly figure that out and move to another block. If the ISP facilitates their move then they are supporting spammers. It's an all or nothing deal. You can't have your cake and eat it too.
Personally I block entire ISPs myself, in my personal access lists that are independant of group maintainted DNS blacklists, that are known to harbor spammers and ignore complaints. A perfect example of this is Broadwing.net. I have blacklisted every IP they have registered to them. That includes 3
/14's, a /24, and a /28. That's a lot of IPs. I have never seen anything but spam come directly from them. They harbor Alan Ralsky and many other well known spammers. They ignore spam complaints. They simply don't care. Whenever I LART their spam, I also LART their upstreams because I believe someone there will eventually notice. I know that no one at Broadwing will."Some of the anti-spammers are on the wrong crusade and not very many people will follow them."
This I have to strongly disagree with. I've been involved in protecting my resources from spam for some time now and have implemented many steps to prevent as much spam from entering my system as possible. I reject just under 1400 known spamming domains. I also reject all mail from a number of providers that harbor spammers as well. I utilize all the lists hosted by Osirusoft, relays.visi.com, blackholes.2mbit.com, and I'm in the process of resubscribing to the RSS and DUL. I even do some filtering on message content which has been incredibly successful. Last week I rejected almost 96,000 pieces of spam on one of my servers. That's pretty darn good. Of the 2400 users on this particular server, I've only had complaints from 3. 3 of them couldn't receive mail from a particular person on the 'Net that wsa being filtered by me. 1 was on an osirusoft list. 1 was attempting to send mail through their mailing list that's run by cybercon.com (a known spam supporter) and mail to subscribers on our end was bouncing. The other was a customer of a customer of Broadwing's. After explaining to them that we couldn't selectively allow mail to just them from the affected host and that we'd have to allow all mail to them unfiltered, they decided to suffer from more spam than miss out on their friend's email. One has changed his mind though. The rest seem to love it. The best advice I can say to you is to keep an open mind about these lists and what they do for us. Not every list is meant for all situations. I personally don't want to use the RBL. In the beginning I was leary about SPEWS. The rest I like. Join news.admin.net-abuse.email and keep up with some of the conversations of the anti-spammers that reside there. A plethora of information and insight can be had with them (I'm there too). good luck!
-
Re:Somethi-N-g most forget
"Have a place to submit spam incidents, such as a web form. Then process them to look for patterns."
Have you ever tried to run more than a handful of LARTS through a web form? It's a nightmare. I have 1200 pieces of Broadwing.net spam that I need to LART tonight. I don't know how I'd LART all of them via a web form.
Patterns aren't something that the average Joe would pick up on anyhow. Few people noticed that recently more and more spam uses a spoofed From: in the form of BSUser@yourowndomain.tld. If they do want to look for patterns, they could easily view thousands of spam reports in news.admin.net-abuse.sightings. Numerous people post their spam to it.
Provide separate zones for blocking sources of spam, and blocking web sites and ISPs where spammers might be hosting a web page. Not everyone wants to block the latter; I only want to block the source of spam."
Many DNS blacklist authors do just this. MAPS is a good example. You have the DUL which lists dial-up IPs only. The RSS which lists known && abused open relays. The RBL contains ISPs that are known to harbor spammers or at least be neutral to their abuse and ignore abuse complaints. The RBL+ is a combination of those 3. All 4 of those are their own zones. SPEWS lists
/24's from which spam originates. Occasionally they'll even list a whole provider that harbors spammers or spamware sites, repeated lies to people that mail abuse@, or are known to bit bucket abuse complaints. relays.osirusoft.com hosts many lists. Individual queries can be made to for any of the lists it hosts or you can transfer them all at once in a big zone file. relays.visi.com is the home of the RSL. It only lists open relays that have been abused, like the RSS and relays.osirusoft.com's base DNSbl. blackholes.2mbit.com is the home of the SBL (Summit Block List), not to be confused with the SBL (Spamhaus Block List) which is hosted by osirusoft. The Summit Block List contains abused open relays and hosts that have been directly involved in spamming. The Spamhaus Block List contains "known spammers, spam gangs, or spam support services" and is "by the same team that maintains the ROKSO database", a list of those spammers."Some anti-spammers are on a crusade to maximize collateral damage. I am not. I won't block a whole ISP because of a spammer unless that ISP is making it difficult to isolate and focus on the spammer."
In a small way I agree. I used to feel like you do now. I was very leary about blocking an entire ISP just because of the possibility of lossing legit mail. I quickly came to realize that blocking just a small piece of that ISP that's know to spam wasn't solving the problem. They'd just move elsewhere within that ISP.
"If they corner the spammer operation to a specific static subnet, I'll gladly block that, and I'd want to use a DNS blacklist that is equally focused."
This doesn't accomplish anything in the long term and little in the short term. Sure you block some spam from a spammer for a couple of weeks but they'll quickly figure that out and move to another block. If the ISP facilitates their move then they are supporting spammers. It's an all or nothing deal. You can't have your cake and eat it too.
Personally I block entire ISPs myself, in my personal access lists that are independant of group maintainted DNS blacklists, that are known to harbor spammers and ignore complaints. A perfect example of this is Broadwing.net. I have blacklisted every IP they have registered to them. That includes 3
/14's, a /24, and a /28. That's a lot of IPs. I have never seen anything but spam come directly from them. They harbor Alan Ralsky and many other well known spammers. They ignore spam complaints. They simply don't care. Whenever I LART their spam, I also LART their upstreams because I believe someone there will eventually notice. I know that no one at Broadwing will."Some of the anti-spammers are on the wrong crusade and not very many people will follow them."
This I have to strongly disagree with. I've been involved in protecting my resources from spam for some time now and have implemented many steps to prevent as much spam from entering my system as possible. I reject just under 1400 known spamming domains. I also reject all mail from a number of providers that harbor spammers as well. I utilize all the lists hosted by Osirusoft, relays.visi.com, blackholes.2mbit.com, and I'm in the process of resubscribing to the RSS and DUL. I even do some filtering on message content which has been incredibly successful. Last week I rejected almost 96,000 pieces of spam on one of my servers. That's pretty darn good. Of the 2400 users on this particular server, I've only had complaints from 3. 3 of them couldn't receive mail from a particular person on the 'Net that wsa being filtered by me. 1 was on an osirusoft list. 1 was attempting to send mail through their mailing list that's run by cybercon.com (a known spam supporter) and mail to subscribers on our end was bouncing. The other was a customer of a customer of Broadwing's. After explaining to them that we couldn't selectively allow mail to just them from the affected host and that we'd have to allow all mail to them unfiltered, they decided to suffer from more spam than miss out on their friend's email. One has changed his mind though. The rest seem to love it. The best advice I can say to you is to keep an open mind about these lists and what they do for us. Not every list is meant for all situations. I personally don't want to use the RBL. In the beginning I was leary about SPEWS. The rest I like. Join news.admin.net-abuse.email and keep up with some of the conversations of the anti-spammers that reside there. A plethora of information and insight can be had with them (I'm there too). good luck!