Blog for hpHosts, and whatever else I feel like writing about ....

Tuesday 8 September 2009

One or two updates

You may have noticed my mentioning planned maintenance the other day. Sadly I never got round to doing this (didn't have the time or finances to purchase new hardware). I have however, gotten my old Linux machine ready for use an extra server, and plan to move the more resource intensive sites over to it as soon as I get time to do so (the machine is only a 1-1.4Ghz, but has 1GB RAM, which is twice as much as the hpHosts server, and 2-3 times more than the other servers).

I've also gotten a Netgear RangeMax (DG834PN) router to replace the now very old DG834Gv2. I got it all setup and online, and there were no external issues, however, it didn't seem to like letting the machines on the network see each other, so until I get time to find out why (the current router doesn't have that problem, nor did it require any configuration to allow such), it's sitting in it's box waiting for me.

I'd also like to note, I've been completely swamped over the past few weeks, so if you've sent me an e-mail and have not yet received a response, please do let me know (either via the hpHosts forums, or the TeMerc forums, or of course, simply re-send your e-mail).

I've also been monitoring the domains I mentioned with regard to the Alliance & Leicester botnet, and these are still alive. However, I seem to have forgotten to list the IP's they were resolving to when I posted the blog. I ran through them and filtered the duplicates, and out of the > 3000 IP's, there were only 49 unique IP's, these are;

118.100.219.152    -    Resolution failed
124.182.144.193    -    CPE-124-182-144-193.sa.bigpond.net.au
138.210.154.36    -    nv-138-210-154-36.sta.embarqnow.net
142.163.221.137    -    Resolution failed
151.201.22.120    -    static-151-201-22-120.pitbpa.east.verizon.net
158.142.161.198    -    Resolution failed
200.234.35.125    -    125.35.234.200.in-addr.arpa.ig.com.br
202.181.203.146    -    Resolution failed
204.118.0.2    -    Resolution failed
209.51.85.237    -    dynamic.apogeenet.net
213.112.109.84    -    c-546d70d5.01-24-6b73642.cust.bredbandsbolaget.se
213.94.231.25    -    Resolution failed
216.16.111.15    -    host-15.216-16-111.iw.net
216.39.57.104    -    p4p-i.geo.vip.re4.yahoo.com
219.83.125.242    -    Resolution failed
24.124.55.189    -    189.55.124.24.cm.sunflower.com
24.215.207.168    -    user-0cdfjt8.cable.mindspring.com
24.224.157.168    -    blk-224-157-168.eastlink.ca
24.231.42.95    -    Resolution failed
62.219.139.9    -    bzq-219-139-9.static.bezeqint.net
64.150.244.50    -    Resolution failed
65.202.231.12    -    Resolution failed
66.169.13.214    -    66-169-13-214.dhcp.spbg.sc.charter.com
66.214.116.46    -    66-214-116-46.dhcp.hspr.ca.charter.com
66.222.90.70    -    h66-222-90-70.stmyga.dedicated.static.tds.net
66.68.15.17    -    cpe-66-68-15-17.austin.res.rr.com
67.110.218.85    -    67.110.218.85.ptr.us.xo.net
67.176.38.186    -    c-67-176-38-186.hsd1.co.comcast.net
67.77.32.172    -    Resolution failed
69.155.9.91    -    adsl-69-155-9-91.dsl.pnblar.swbell.net
69.88.210.46    -    69-88-210-46.comwavz.com
72.24.91.229    -    72-24-91-229.cpe.cableone.net
74.137.209.179    -    74-137-209-179.dhcp.insightbb.com
74.210.179.153    -    74-210-179-153.hy.cgocable.ca
75.186.111.65    -    cpe-75-186-111-65.indy.res.rr.com
75.198.76.2    -    2.sub-75-198-76.myvzw.com
75.71.206.166    -    c-75-71-206-166.hsd1.co.comcast.net
76.241.94.108    -    adsl-76-241-94-108.dsl.bcvloh.sbcglobal.net
77.126.129.61    -    Resolution failed
79.176.36.115    -    bzq-79-176-36-115.red.bezeqint.net
80.171.84.27    -    d084027.adsl.hansenet.de
80.186.217.55    -    80-186-217-55.elisa-mobile.fi
80.243.242.253    -    242-253.us.ool.fr
81.56.67.245    -    mic92-3-81-56-67-245.fbx.proxad.net
81.57.3.231    -    aut75-1-81-57-3-231.fbx.proxad.net
91.67.60.242    -    91-67-60-242-dynip.superkabel.de
98.193.136.121    -    c-98-193-136-121.hsd1.tn.comcast.net
98.249.93.67    -    c-98-249-93-67.hsd1.tn.comcast.net
99.144.178.98    -    adsl-99-144-178-98.dsl.emhril.sbcglobal.net


I'll post the latest validation results once they're finished.

/edit 03:54

The validation is now finished:

http://hosts-file.net/misc/hpObserver_-_alliance-leicester_botnet_-_090909-0354.html

No comments: