Re: Re: Request Spamhaus contact

["Gary E. Miller" <gem () rellim com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo Jeffrey!

On Mon, 17 Jan 2011, Jeffrey Lyon wrote:

> I fat fingered the netmask, try now.

Still up:

# nmap -sS 208.64.120.197

Starting Nmap 5.21 ( http://nmap.org ) at 2011-01-17 17:07 PST
Nmap scan report for 208.64.120.197
Host is up (0.033s latency).
Not shown: 989 filtered ports
PORT      STATE SERVICE
21/tcp    open  ftp
80/tcp    open  http
135/tcp   open  msrpc
443/tcp   open  https
1723/tcp  open  pptp
1801/tcp  open  unknown
2103/tcp  open  zephyr-clt
2105/tcp  open  eklogin
2107/tcp  open  unknown
49154/tcp open  unknown
49157/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 4.77 seconds



RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701
        gem () rellim com  Tel:+1(541)382-8588

> Thanks, Jeff
>
>
> On Mon, Jan 17, 2011 at 7:39 PM, Raymond Dijkxhoorn
> <raymond () prolocation net> wrote:
> > Hi!
> >
> > > We've acted on every report that we're aware of and instead you want
> > > to play pharmacy domain scavenger hunt. This domain at 208.64.120.197
> > > redirects to IP space we already null routed. It's the same customer.
> >
> > Either you place strange nullroutes or you did not at all.
> >
> > [root@mi10 tmp]# wget -S www.vertrouwdeapotheek.nl
> > --01:37:29--  http://www.vertrouwdeapotheek.nl/
> >           => `index.html'
> > Resolving www.vertrouwdeapotheek.nl... done.
> > Connecting to www.vertrouwdeapotheek.nl[208.64.120.197]:80... connected.
> > HTTP request sent, awaiting response...
> >  1 HTTP/1.1 301 Moved Permanently
> >  2 Cache-Control: private
> >  3 Content-Length: 0
> >  4 Location: http://www.vertrouwdeapotheek.nl/Home.aspx
> >  5 Server: Microsoft-IIS/7.0
> >  6 X-AspNet-Version: 4.0.30319
> >  7 X-Powered-By: ASP.NET
> >  8 Date: Tue, 18 Jan 2011 00:37:04 GMT
> >  9 Connection: close
> > Location: http://www.vertrouwdeapotheek.nl/Home.aspx [following]
> > --01:37:29--  http://www.vertrouwdeapotheek.nl/Home.aspx
> >           => `Home.aspx'
> > Connecting to www.vertrouwdeapotheek.nl[208.64.120.197]:80... connected.
> > HTTP request sent, awaiting response...
> >
> > Does this look as its nullrouted?
> >
> > > P.S. Someone at Spamhaus PLEASE remove the /21 listing?
> >
> > I highly doubt. There is much more to clean on your network before i hope
> > they would even reconsider.
> >
> > Bye,
> > Raymond.
>
>
>
> --
> Jeffrey Lyon, Leadership Team
> jeffrey.lyon () blacklotus net | http://www.blacklotus.net
> Black Lotus Communications - AS32421
> First and Leading in DDoS Protection Solutions
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFNNOgkBmnRqz71OvMRAlvyAJ9iB4xleue08ZFvUXhDc+/vmga4KwCeKsEQ
556DfEqv3CINUxO2GyxmBJ0=
=8XnB
-----END PGP SIGNATURE-----