# This blacklist of DCC clients is used by the public DCC servers. # It contains IP addresses and blocks of addresses of DCC clients # that persistently cause problems, particularly when the owners # are not responsive. # # This is http://www.rhyolite.com/anti-spam/dcc/client-blacklist.html # and http://www.dcc-servers.net/dcc/client-blacklist.html # # See also http://www.rhyolite.com/anti-spam/dcc/ # 3/4 million NOPs/day from 62.48.178.203 # novopca.pt netvisao.pt # Novopca - Construtores Associados S.A. # Rua do Sobreiro, 332 # Senhora da Hora 62.48.178.0/24 # about 500K pure NOPS/day; no response to mail from abuse@twtelecom.net # 66-193-204-14.static.twtelecom.net 66.193.204.14 # sometimes more than 2.3 million useless NOPs per day # no response to email # Ralf Sticklies, work.de, tipp24.de, Hamburg DE # test remove 2008/04/27 213.238.39.18 # 1.6 million NOPs/day # no response to email to abuse@business.telecomitalia.it # host26-64-static.118-81-b.business.telecomitalia.it 81.118.64.0/24 # 600K NOPs/day # no response from abuse@spot.net.ar, abusenet@datamarkets.com.ar, # or postmaster@spot.net.ar # 200.32.3.233 host1.spot.net.ar 200.32.3.233 # continuing unauthorized attempts to connect to TCP port 6277 # from 38.101.236.64, mail.epochtimes.com # John Tang, AsianBay Technology, Inc., 1322 Briarwood Rd, #J-6, # Atlanta, GA, johnztang@yahoo.com # from 38.101.236.69, mail.ntdtv.com # Domains by Proxy, but "New Tang Dynasty Television" on # http://ntdtv.com/xtr/firstPage.htm # from 38.101.236.222, mail.edoors.com # Whois Privacy Protection Service 38.101.236.0/24 # continuous bogus attempts to connect to TCP port 6277 from 212.75.36.124 # sodes.net, Tobias Wagener, Silcherstr. 1, Neu-Ulm, 89231, DE 212.75.36.0/24 # more than 3.7 million requests/day, probably in violation of the license # on the free source # aotech.net AO Technologies, 8314 Harlem Road, Westerville OH # 216.185.43.244 mail.mailrescue.in # qualispace.com, QuantumPages Technologies, Maharashtra IN # 216.185.43.250 216-185-43-250.qualispace.com # 216.185.43.251 216-185-43-251.qualispace.com # 216.185.43.252 216-185-43-252.qualispace.com 216.185.43.128/25 # Fortinet.com seems to be following a familiar business plan # and not only selling a product that misappropriates the CPU cycles, # bandwidth, and human administration efforts of the public DCC servers # but also generates bogus DCC requests packets. # Michael Xie, Sunnyvale CA 65.39.139.0/24 # fortinet.com has address 203.160.224.97 # fortinet.com mail is handled by 5 MAIL.APSECURE.com. # Wen-Shyang Shiau Chunghwa Telecom wsshiau@chti.com.tw # AP Secure Technologies Burnaby BC # APSECURE.com has address 203.160.224.97 # asianproducts.com Media Federal Co. Taipei TW # APSYS.NET Media Federal Co. Taipei TW 203.160.224.0/19 # FortressITX, 100 Delawanna Ave, Clifton, NJ # 400-500K NOPs/day and no response to questions # The reverse DNS for 69.72.145.30 changed to mail.pwebtech.com and # then to mail-intake.fortressitx.com # Pegasus Web Technologies, Franklin Lakes, NJ 69.72.145.0/24 # First Gulf Bank, P O Box 6316, Abu Dhabi, UAE # Suresh Rajagopalan 195.229.126.213 fgb-mail.fgb.ae # configured a DCC client to send requests to the public DCC servers, # did not configure their firewall to accept the DCC responses, # and then on Oct 9 demanded the identity of an attacker on their # "web-server" doing "TCP / UDP / ICMP scans" so that "action # could be initiated against user as per law of UAE or any other # countries applicable laws" # # I removed this entry after the principals apologized to one of # the public DCC server operators, after they had made a second # complaint a week or two later. More recently on November 4, 2006 # they repeated their old GFW complaints. That will teach me. 195.229.126.208/28 # $Date: 2008/04/28 02:46:16 $
Contact vjs@rhyolite.com by mail or using the form. Do not send mail to the spam trap.
