Vernon Schryver
vjs@calcite.rhyolite.com
Wed Jun 29 19:03:29 UTC 2005
Someone apparently in Europe is distributing some sort of ancient and custom-broken version of the DCC client code. It likes to poke at a DCC server that has not been answering anonymous clients for years. I have tried for months to discover the perpetrators. The perverted code seems to be common on dial-up lines or other dynamically assigned IP addresses in Europe with some users in Northern Africa and South America. My most recent tactic was been to ask ISPs that own the address blocks in question. I thought I was making progress in France when an ISP responded to an early version of the form letter I've been sending by asking for log entries showing good timestamps. Nothing came of that until today when they responded with nosnense about not finding its IP addresses "in the heading of the original mal" as if I were complaining about spam. It went on to instruct me me on how to figure out IP addresses, use http://www.nic.fr/cgi-bin/whois, http://www.geektools.com/, and their lame web form. Unless someone thinks it is a bad idea, I will changed tactics to blacklist the address blocks of such ISPs for the public DCC servers. I will send a couple of reports over a couple weeks, and then add to the blacklist. Perhaps when those or other end users find little or no joy from current public DCC servers, they will complain to their ISPs or the perpetrator of the broken code and someone will fix the broken code, recall it, or at least accept responsibility for it. See http://www.rhyolite.com/anti-spam/dcc/client-blacklist Vernon Schryver vjs@rhyolite.com
More information about the DCC
mailing list
