Well done for being persistent. However, nobody has the right to scan in
know what is about to take place. It is trivial to find out who is
whom is the abuse contact there. An intrusive scan like this, whilst
maybe not quite a full-blown DoS, comes quite close being debilitating.
this, and get a full explanation what they were about. They should not
get away with this without at least a few token bruises. Heavy-handed
> SUCCESS
>
> I have just received an email from research-abuse mailbox at Stanford
> University to say they have removed my IP from their database. At
> last! Shame they didn't think to add a little sorry for inconvenience.
> But victory!
>
> On Sun, 14 Apr 2019 at 07:09, Keith Williams
> <keithwilliamsnp@??? <mailto:keithwilliamsnp@gmail.com>> wrote:
>
> Sorry for delay in replying, I have been away in the big city for
> a couple of days, now back to face the world once more
>
> On Wed, 10 Apr 2019 at 17:13, admins
> <admins@???
> <mailto:admins@sheffieldhackspace.org.uk>> wrote:
>
> A lawsuit is a blunt and very expensive tool.
>
> Use something pointy and sharp that can slip between the ribs.
> Like
> social media.
>
> Large institutions are sensitive about their image, many
> monitor social
> media and their social media accounts. tweet about the irony
> you have
> observed together with a precise statement of the facts, their
> lack of
> response to the correct official channel for complaints, the
> ongoing
> nature of this and reference their social media account (so their
> followers all of them get the message too) and link their
> security course.
>
> This should get you a response.
>
>
> Kirbs
>
>
> On 10/04/2019 08:38, Max B via users wrote:
> > Now what would it take to get them to notice you and fix the
> problem and compensate you?
> >
> > A lawsuit.
> >
> > How does this differ from a robber who is trespassing on
> your property and looking to see whether any of your doors is
> ajar?
> >
> > If one of your machines is located in the US, you have locus
> standi in that jurisdiction to pursue the trustees of Stanford.
> >
> > Is that jurisdiction California?
> >
> > Can bitfolk map the address range to which your machines
> respond to a US server farm located in Palo Alto or Menlo Park?
> >
> > It need only be for a month or a week, although damages
> would follow length of exposure to the hazard.
> >
> >
> >
> >
> > --------------------------------------------
> > En date de : Mer 10.4.19, Keith Williams
> <keithwilliamsnp@??? <mailto:keithwilliamsnp@gmail.com>>
> a écrit :
> >
> > Objet: Re: [bitfolk] I know I should not take it personally
> but ...
> > À: "BitFolk Users" <users@???
> <mailto:users@lists.bitfolk.com>>
> > Date: Mercredi 10 avril 2019, 1h50
> >
> > It still
> > continues, but at a reduced rate. Still no response to my
> > email to the abuse mailbox. They have advertised a seminar
> > on cybersecurity which is going on round about now. That is
> > ironic.
> >
> > On Wed, 10 Apr
> > 2019 at 00:44, Keith Williams <keithwilliamsnp@???
> <mailto:keithwilliamsnp@gmail.com>>
> > wrote:
> > I was
> > just going to say it had stopped, LOL, a 15 minute break,
> > then a burst, then a few minutes break. Seems to be slowing
> > down but another is giving port 80 a hammering. Because I
> > give these blackholes different names I can see the new
> > contender is one of the content spammers. Oh well it's
> > past midnight here so I will let them get on with their
> > games
> >
> > On Tue, 9 Apr 2019
> > at 23:03, admins <admins@???
> <mailto:admins@sheffieldhackspace.org.uk>>
> > wrote:
> >
> >
> >
> >
> >
> > Sounds sensible to me.
> > I also blanket ban anyone having a go at SSH simply
> > as whilst it
> > may start there, it never ends there.
> > Sounds like a retarded infestation to me. Most bots
> > are not that
> > clever in and of themselves, once you have had a
> > rummage through
> > their code. There have been some clever tricks put
> > into coding
> > them though.
> >
> >
> >
> > kirbs
> >
> >
> >
> >
> >
> >
> > On
> > 09/04/2019 15:50, Keith Williams
> > wrote:
> >
> >
> >
> >
> > Every packet that arrives from them is
> > sent to a
> > chain by the firewall which logs them and then drops
> > them. The
> > log records the port they were blocked on.
> > That's how I found
> > the 7777. I had no idea what it was. I picked them
> > up first
> > because they hit on 22. that got them put in the
> > set. Others in
> > the set made a couple of attempts then disappeared.
> > There is one
> > oyher persistent pest, a well known comment spammer
> > that keeps
> > coming back and having a go for a while then
> > disappearing, then
> > just the usual rubbish
> >
> >
> >
> > On
> > Tue, 9 Apr 2019 at 22:27,
> > Dom Latter <bitfolk-users@???
> <mailto:bitfolk-users@latter.org>>
> > wrote:
> >
> >
> >
> >
> >
> >
> > On 09/04/2019 10:59, Keith Williams wrote:
> >
> > >
> >
> > > On Tue, 9 Apr 2019 at 17:38, Dom Latter
> > <bitfolk-users@??? <mailto:bitfolk-users@latter.org>
> >
> >
> > > <mailto:bitfolk-users@latter.org
> <mailto:bitfolk-users@latter.org>>>
> > wrote:
> >
> > >
> >
> > > On 09/04/2019 04:44, Keith Williams
> > wrote:
> >
> > > > for at least 24 hours now. They
> > go for ports
> > 22.23.53, 80, 443
> >
> > > and 7777.
> >
> > > > That last one is particularly
> > nasty.
> >
> > >
> >
> > > They're (probably) looking for a
> > backdoor opened up
> > by Windows malware.
> >
> > >
> >
> > > Why would that concern you?
> >
> >
> >
> > > It does concern me for a number of
> > reasons.
> >
> >
> >
> > I was particularly referencing 7777 (hence the
> > quoted
> > context). You've
> >
> > not got anything on that port, and even if you
> > did, it
> > wouldn't be
> >
> > compatible.
> >
> >
> >
> > I don't think I'd even notice an attempt
> > to connect to 7777.
> >
> > Because a connection is not made...
> >
> >
> >
> > _______________________________________________
> >
> > users mailing list
> >
> > users@??? <mailto:users@lists.bitfolk.com>
> >
> > https://lists.bitfolk.com/mailman/listinfo/users
> >
> >
> >
> >
> >
> >
> > _______________________________________________
> > users mailing list
> > users@??? <mailto:users@lists.bitfolk.com>
> > https://lists.bitfolk.com/mailman/listinfo/users
> >
> >
> >
> >
> > _______________________________________________
> >
> > users mailing list85.119.82.114
> >
> > users@??? <mailto:users@lists.bitfolk.com>
> >
> > https://lists.bitfolk.com/mailman/listinfo/users
> >
> >
> > _______________________________________________
> > users mailing list
> > users@??? <mailto:users@lists.bitfolk.com>
> > https://lists.bitfolk.com/mailman/listinfo/users
> >
> > -----La pièce jointe associée suit-----
> >
> >
> >
> > _______________________________________________
> > users mailing list
> > users@??? <mailto:users@lists.bitfolk.com>
> > https://lists.bitfolk.com/mailman/listinfo/users
>
> --
> admins@???
> <mailto:admins@sheffieldhackspace.org.uk>
> www.sheffieldhackspace.org.uk
> <http://www.sheffieldhackspace.org.uk>
>
>
> _______________________________________________
> users mailing list
> users@??? <mailto:users@lists.bitfolk.com>
> https://lists.bitfolk.com/mailman/listinfo/users
>
>
> _______________________________________________
> users mailing list
> users@???
> https://lists.bitfolk.com/mailman/listinfo/users
