RE: Wmule server details

From: Dylan Douglas <dylan_at_mediadefender.com>
Date: Mon, 25 Jun 2007 16:21:21 -0700

Ahh, the evil spyware people. Muhahaha.
 
-----
Dylan Douglas
MediaDefender
 

________________________________

        From: Tabish Hasan
        Sent: Monday, June 25, 2007 3:58 PM
        To: Randy Saaf; Jay Mairs; Dylan Douglas; Ty Heath
        Cc: Ben Grodsky; qateam
        Subject: Wmule server details
        
        

        Here's some more details regarding those wmule.com servers.
They're in 4 different IP blocks and 55 in total. 50 of the 55 servers
are in the 67.159.xx.xx US-Based IP block. The rest are based in Israel.

        These do not seem to be Macrovision or MediaSentry based on
their search results.

         

        These are actually the servers that are returning the 1000+
.exe/.zip files that we've been seeing lately. (It's those files that
show up in any random global query)

        That might be the only reason they're there...to help propagate
those spyware files.

         

        See below for more details:

         

IP

total # in IP block

Name

ISP / Host

ISP Location

Returns local queries?

Returns global queries?

Returns our servers upon connecting?

On Gruk's List?

67.159.44.xxx:4232

~50

www.wmule.com

FDC Servers.net

Chicago

No

Just the 1000+ availability .exe/.zip files

yes

no

82.80.250.236:4232

2

www.wmule.com

Bezeq International

Israel

No

yes

yes

no

212.179.133.219:4232

2

www.wmule.com

Bezeq International

Israel

Just the 1000+ availability .exe/.zip files

yes

no

no

62.90.175.146:4232

1

www.wmule.com

Barak Provisioning Team

Israel

no

no

yes

no

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

~55 total servers

 

 

 

 

 

 

 

 

         

         

         
Received on Fri Sep 14 2007 - 10:55:52 BST

This archive was generated by hypermail 2.2.0 : Sun Sep 16 2007 - 22:19:45 BST