Streamyx uses bad IPs all the time

Coolio · #1 (**permalink**) 29-05-2007, 02:06 AM

Do you have problems sometimes to access certain sites, including your own?

Blame it all on Streamyx and TM Net...they are a bad ISP (confirm one)

If you notice all the dynamic IPs that Streamyx uses... all are bad IPs...so you will have problems with those spam watch dog sites and any sites that use them...

Grrrr...

Furious....I'm always getting these bad IPs...and Streamyx dont bother to clean up their IPs...

GeminiGeek · #2 (**permalink**) 29-05-2007, 02:30 AM

Don't blame streamyx for giving us the bad IP. Each ISP have their own range of IPs. Blame it on the user who abuses streamyx for their own spamming benefit, that causes the whole Streamyx IP ranged to be in the spam list.

I know TMNet already have bad reputation on giving us good service.. This issue, I believe cant be blame on TMNet. This, you have to blame the user for abusing the "fair use" of "shared" service. Shared as in Shared IP

Coolio · #3 (**permalink**) 29-05-2007, 02:56 AM

Do you know that if you use WordPress and you use the plugin Bad Behaviour...you cannot login to your own account?

After many retries using up practically all the IPs there,....then only can log in...

Sometimes I find myself barred from certain websites...again because of the IP problem...

Also, you can forget about using some hosts like Hostgator (US based host)...they wont accept your IP...usually they wont.

Alot of these shared IP that are blacklisted, are used by Streamyx...becos why?

I tell you why...low cost for them.

And they dont try to contact sites like SpamHaus and try to clean up some of the IPs they use...they just biar je...

iamfreelancer · #4 (**permalink**) 30-05-2007, 02:50 PM

i think is not fair to blame tm for this black listing ip thing since it not caused by tm themself... if you talk about line problem, couldn't connect, slow speed then you can point your finger to tm... like GeminiGeek explained... it just hard to clean-up coz everyday ppl use streamyx to spam... how much can you expect it to clean-up....

streamyx ip range start from 219.X.X.X, 218.X.X.X and 60.X.X.X. this translated to about 49++ mil dynamic ips(correct me if i'm wrong) ... with so much ip to check from how do you think tm and spamhaus gonna resolve this easily?? I don't think spamhaus will work with you on this issue... one day cleared the second day the user spam again and again...

maybe you can give tm some good suggestion to it or just live with it....

genzy · #5 (**permalink**) 30-05-2007, 06:40 PM

And also, the M'sian PCs connected to the network via Streamyx could be attacked by viruses that make these PCs become 'zombies' to spam the world.

GeminiGeek · #6 (**permalink**) 30-05-2007, 06:50 PM

Yeah, that could be another reason why most malaysian IP are blacklisted. Do some scanning and removing from time to time and also avoid using IE at all cost :P

yonghs · #7 (**permalink**) 30-05-2007, 07:42 PM

yup Genzy, i think a lot of Malaysian PCs are zombies and make up a huge botnet for spending spam .... about 70~80% of all internet users have infected PCs... scary huh!!! (I can't confirm the figure cos I read it from some survey by certain ani-virus vendor and can't remember the exact figure... if you can rmb post it here)

I think most Malaysian users are not too concerned about installing anti spyware or anti-rootkit software ... hmm, i think most won't even know what a rootkit is

............. and some will happily click OK to any pop up messages from dodgy websites.

For those who would like to know, a rootkit is a program that can mask certain processes from the operating system, thus it can hide spywares, trojans etc. The infected PC can be controlled by the attacker remotely and used to send spam..... very cost efficient way for spammers and very good way to hide from authorities.

genzy · #8 (**permalink**) 30-05-2007, 08:04 PM

The Star Online : TechCentral - Malaysia Technology

Quote:

Tuesday April 10, 2007

Survey: Most Malaysian PCs are 'zombies'

By JO TIMBUONG

KUALA LUMPUR: Malaysia is one of the most prolific distributors of spam and propagators of "spam zombies" in the Asia-Pacific region, revealed a recent survey.

It ranks No 5 as a spam distributor, among 29 countries. Topping this list is the Philippines, followed by Vietnam, Sri Lanka, and Laos, according to the survey by security solutions vendor Symantec Corp.

As a propagator of zombie machines, Malaysia is No 7 on the list. Topping it is China, followed by South Korea, Taiwan, Japan, Thailand and Vietnam.

These are PCs that have been compromised by hackers and used to launch spam e-mail, or phishing messages that lure computer users to mistakenly reveal personal information such as credit card details or bank account passwords.

Kannan Velayutham, a consultant for enterprise security at Symantec Malaysia, said the survey showed that 96% of computers in the country are zombie machines.

He said a large chunk of these machines are concentrated in the capital, where many PC users have broadband Internet access.

"These infected PCs are also linked into bot-nets – networks of multiple zombie machines – that help cybercriminals search for and accumulate confidential personal information more efficiently," said Kannan.

According to the survey, stolen personal information can also be sold on the black market; prices vary according to the type of information.

An online banking account with a US$10,000 (RM35,000) balance is worth US$300 (RM1,100), for example. A verified PayPal account, meanwhile, would fetch between US$50 and US$500 (RM175 and RM1,750).

Symantec also found that 84% of all e-mail messages originating from Malaysia is spam. In comparison, 86% of electronic messages coming from the Philippines are those annoying, unsolicited missives.

This and the high number of zombie machines in Malaysia is tarnishing the country's image.

One reason for the problem, the survey showed, is because new broadband Internet users in the country are generally unaware of the security precautions they need to take to safeguard their personal information and online identities.

Another reason is the widespread use of pirated software by local PC users, said the Symantec survey.

It said copies of pirated software sometimes contained trojans and other hidden malicious programs, and these are surrepticiously planted into computer systems when users installed the software.

After installation, the machines become part of a bot-net without the user's knowledge, said Symantec.

In this age of PCs permanently connected to the Web via high-speed connections, users need to be more cautious.

An antivirus program is not enough, said Symantec. Users need a security solution that combines antivirus, firewall and intrusion detection capabilities.

PC users are also advised not to view, open or execute any e-mail attachment unless it is expected or its purpose known to the recipient.

"Some spam messages come with pictures attached to fool spam filters; be careful of these," said Kannan.

Computer users should also be careful about disclosing confidential, personal or financial information online unless they know that the request for such is legitimate, cautioned Symantec.

The survey, conducted between July and December last year, involved Symantec setting up two million decoy e-mail accounts worldwide.

genzy · #9 (**permalink**) 30-05-2007, 08:05 PM

http://www.pcworld.com/article/id,12...S/article.html

Quote:

PayPal Phishers Use Malaysian Government Portal
Even secure sites were co-opted as zombies to distribute spam with scams.
Robert McMillan, IDG News Service
Monday, November 20, 2006 7:00 AM PST

An antispam researcher has uncovered a phishing scam that uses computers belonging to both a medical transcription outsourcing company and the Government of Malaysia.

The scam was discovered by Bill Carton, an engineer based in San Diego who has spent the last ten years as a volunteer antispam activist, shutting down bulk e-mailers in his spare time. Carton received an e-mail Friday morning that purported to be from eBay's PayPal service.

It read like a standard phishing pitch: "It has come to our attention that your account information needs to be updated," the e-mail said. "If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service."

What was unusual, however, was the fact that the link in the e-mail was to a fake PayPal site hosted by servers in the Malaysian government's gov.my domain.

"This one was interesting because of the Malaysian angle. A government server usually gets my attention," Carton said.
'Secure' Sites Co-opted

Closer investigation revealed that computers from another trusted source had been used to send out the phishing e-mail.

"The compromised mail server used to relay the spam and scrub off any evidence of where the spammer is, was not the typical home cable customer with a zombie infection, but Rxdocuments.com," Carton said. "They boast of having HIPAA-compliant software for patient privacy, but they were compromised and used as a spam-spewing relay. How trustworthy is that?"

Paul Laudanski, owner of Computer Cops and the leader of the Phishing Incident Reporting and Termination squad project, examined the phishing e-mail and agreed it appeared to have been relayed by Rxdocuments.

Rxdocuments.com provides dictation transcription services for physicians. It bills its products as "cost-effective, secure transcription adhering to the highest professional, ethical, and legal standards," according to the company's Web site.

Neither Rxdocuments.com, nor the Government of Malaysia responded to requests for comment. Rxdocuments.com is headquartered in Miami, but the Web site is registered to RxDocuments, in Bangalore, India, according to the Whois database, which tracks domain registration.

This is not the first time that the gov.my Web site been used by phishers, according to Laudanski. It has been used at least four other times since April of this year to spoof brands such as Chase, Citibank, and eBay, he said.
Aggressive Phishing

Phishers have become increasingly sophisticated as criminals have realized that there is real money to be made in online fraud. Research company Gartner estimates that U.S. consumers will lose $2.8 billion to phishing in 2006, with the average attack netting $1244.

"There's definitely more of it than we've seen ever," said Dave Jevans, chairman of the Anti-Phishing Working Group. "Spam has gone up hugely in the last two months and the volume of phishing has gone up with that," he said.

Jevans agreed said that this latest PayPal scam is unusual.

"It's interesting because it's basically two entities that you would think would have security nailed down," he said.

PC World's Erik Larkin contributed to this report.

yonghs · #10 (**permalink**) 30-05-2007, 09:12 PM

good job

............... even scarier than the figure I gave .... we Malaysians are letting those criminals taking advantage of our ignorance and are paying the price!!

GeminiGeek · #11 (**permalink**) 30-05-2007, 09:18 PM

Wow!

Welcome to the Tak Apa land...

Coolio · #12 (**permalink**) 30-05-2007, 10:31 PM

Even my streamyx email was used to send spam out...happened last year.

I was wondering what all these strange messages were.

Streamyx and TM Net really dont care at all....but all these things really tarnish Malaysians image in the eyes of the world.

When will they wake up? No point to have MSC and all that, when all these issues have never been tackled.

genzy · #13 (**permalink**) 31-05-2007, 12:38 AM

The M'sian email address used by viruses/spammers doesn't mean it must be sent via the M'sian IP lo.

It could be just the text value of the email address used for display and sent out from other countries.

Coolio · #14 (**permalink**) 31-05-2007, 10:34 AM

Quote:

The M'sian email address used by viruses/spammers doesn't mean it must be sent via the M'sian IP lo.

It could be just the text value of the email address used for display and sent out from other countries

Wah...is there a way to prevent our email from being misused? Otherwise later we will be labelled as spammers

Currently I have this particular IP that originate from TM Net. I ask about it here.

but dont think if anyone know about it. Visits from this IP is one of the most frequent. It always start with xx.xx.xx.xx.brf01-home.tm.net.my

and always use up more than 1 Mb of bandwidth each time. Previously, dont have such visits. I think the IP address itself looks strange....rite?

I suppose if you are casual surfer using Tm Net, then you dont know or dont care.

But if you are webmaster with already some experience, and not using Blogspot or some free hosting, but your own self hosting, then you cannot help but be very concerned with the lack of security standards with your ISP....TM Net.

iamfreelancer · #15 (**permalink**) 31-05-2007, 11:53 AM

Quote:

Originally Posted by Coolio

Even my streamyx email was used to send spam out...happened last year.

I was wondering what all these strange messages were.

Streamyx and TM Net really dont care at all....but all these things really tarnish Malaysians image in the eyes of the world.

When will they wake up? No point to have MSC and all that, when all these issues have never been tackled.

hold your horses there....Its not tat tm don't care... but this spam thing is out of control.. believe me they do detect those who used their line for spamming... my customer done tat before and got a warning letter from tm and his streamyx acc got suspended for 3 months.... tm do checking.. but there too much spammer....

like genzy say... spammer can just put any email address in the sender field and use a local smtp server to blast out the spam mail.... so the recipient see the email as it was coming from you...

i'm not tat a supporter of tm but sometimes we just got to be fair in this case of spamming....

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread: <

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)