Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Tue Jul 17, 2007 6:58 pm Reply with quote

Maybe you ´ll not notice this address:
pillenpharm.com in your referer but different forums are already filled with spam entries about pills and this url.
From my logs:

66.158.232.9 - - [16/Jul/2007:00:43:48 +0200] "GET /ftopicp-8785.html HTTP/1.0" 200 1385 "http://www.pillenpharm.com/index.html?ref_id=492&camp=viagra" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 95; BCD2000)"


I added the referer into the NukeSentinel blocker and the problem is when you use the email function also you can end up with a flood of emails.
I have a list of blocked IPs related to this url from several different countries and it looks like all are known as typical spammer.


An alternative way to ban via .htaccess is here:
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
Susann
PostPosted: Mon Jul 23, 2007 5:14 pm Reply with quote

Looks like logfile spam. They have something like a partner programm and thats the reason why there is an id and why the so called partners try to link to this site using different methods like spamming in forums. Totally suspect.
I checked the german site with the same name and noticed there that the owner changed. So the .de site has nothing to do anymore with the com site.
There are a lot more suspect things with this site. Rolling Eyes
Anyone saw this url in his logs or forums ?

Btw: A way to report sites is here:
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login!
 
bugsTHoR
Involved
Involved


Joined: Apr 05, 2006
Posts: 261

PostPosted: Tue Aug 28, 2007 2:41 am Reply with quote

them sods are using a lesser known mail address ive got (from merseymail.com)
to spam others
so i get lots of people thinking im doing it. life sucks then ya get divorced and the problems really begin lol.

_________________
Only registered users can see links on this board! Get registered or login! LUV RAVEN DISTROBUTION BEBE

Clanthemes.com are great (free advertisements for now until i get to 20,000 posts LoL) 
View user's profile Send private message Visit poster's website
Susann
PostPosted: Tue Aug 28, 2007 3:23 am Reply with quote

They are dirty spammers. I banned around 30 IPs.Found pillenpharm also on a illegal pharmacy blacklist.
 
bugsTHoR
PostPosted: Tue Aug 28, 2007 3:25 am Reply with quote

there no way to stop them either they shut one site down ,they just open another.
but the sad news is people must buy off them otherwise they wouldnt do it. Bang Head
 
Susann
PostPosted: Tue Aug 28, 2007 3:33 am Reply with quote

How true.Money is the name of the game.
 
Susann
PostPosted: Sat Jan 12, 2008 10:57 am Reply with quote

An other dirty refer spammer.
The blacklist status of this domain is clear. Rolling Eyes
Seems some guys are working hand in hand.
Doesn´t make much sense to ban the User agent or the different Proxies/IPs they use. Also I never saw them under referer within the administration.


218.7.13.186 - - [11/Jan/2008:12:25:03 +0100] "GET /ftopict-1714.html HTTP/1.0" 200 1535 "http://www.viagra-kaufen.info" "Mozilla/6.0; (Spoofed by Amiga-AWeb/3.5.07 beta)"


Solution:

Quote:

RewriteCond %{HTTP_REFERER} ^http://viagra-kaufen\.info
RewriteRule ^.* - [F]
 
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Sun Jan 13, 2008 8:37 am Reply with quote

Susann, thanks for the detailed, informative and helpful posts!

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©