Oh for FUDs sake...

Featured 3 Responses »
Apr 092009

http://www.flickr.com/photos/thayerschool/3267515306/

No doubt you’ve seen the storm crossing the net these last few days (and weeks, months, years) concerning the possibility that Chinese hackers have planted code in our power facilities giving them the ability to remotely shut down our grid at their whim. Well, this isn’t my obligatory pseudo-opinion, instead I’ll just share a little bit about the area I live in. We are one of the windiest areas in the entire US, and the concentration of wind farms in our are is a testament to that fact.

Despite the seemingly endless supply of renewable energy around here, the power goes out quite frequently. Sometimes it makes me think about how it must have been to live in the early days of the electrical age when just the slightest breeze might knock out the power for days. It gets pretty crazy around here this time of year with winds peaking at 80mph on a near daily basis. Not only does the wind have a habit of kicking off the power, it also tends to kick up a lot of dust. On days like today, the visibility drops and going outside is almost equivalent to being willingly sandblasted…

Now here’s where the FUD comes in… I read a bunch of these news articles concerning the threat posed by malware at our power stations, and I also know from years of experience that the wind gets strong here and knocks out the power…. but can you guess what first came to mind when the power went out the other day? Howling winds and all, part of me still couldn’t help but remember the articles and that cast doubt in my mind about the cause of the outage. Now, I consider myself to be a very free-thinking adult with half a brain, and at least half an education, but think about every one else for a second. Ok, stop.

You just put more effort in to it than most. Congrats, now ignore the FUD and go back to your American Gladiators.

http://www.flickr.com/photos/morgacito/44179636/

Wow, I haven’t had a Bill Hicks moment in a while. Feels good bro.

Also, here’s a great comment from a user named tehowe on digg:

The fair and balanced media has rediscovered botnets and hackers. What next, EMP? Surely this technology is well within reach of the turrists and foreign agencies. All computers henceforth must be stored in a secret cloud-top Colorado mountain complex with ninja assassin guards.

Great insight from a 10 year old. Better grammar and spelling than most digg commenters too! :)

Posted by nukeit at 9:01 pm Tagged with: , , , , , , , , ,

Bot list 0116

Featured No Responses »
Jan 162009

http://www.flickr.com/photos/chrisdonia/

It would seem that I have inadvertently created a honeypot with nothing more than WordPress and a (poorly) chosen post title. I have seen more RFI scan bots targeting my site in the last week than ever before.

I use the Bad Behavior plugin partly because I am lazy but mostly because I don’t have complete access to my hosts error_log file. I made a short little mysql query to grab the ip’s and request url from Bad Behaviors wp table:
SELECT ip,request_uri FROM `wp_bad_behavior` WHERE request_uri LIKE '%??%' LIMIT 0,1000

With this data you can add many IP addresses to your .htaccess, send abuse letters (that will likely go unanswered) or my favorite, post them to hacker forums and let the other bot herders fight over them :)
Whatever floats your boat as they say…

Some cute code here, but mostly the same old same old

hxxp://203.114.112.155/webboard1234/mic.txt
hxxp://abcabc.fileave.com/id.txt
hxxp://amadeus-umzuege.de/umzug/news_local/upload/id.txt
hxxp://armadaglass.webrok.co.uk/test.txt
hxxp://aukce.hoggos.cz/auction/id.txt
hxxp://baaaaaa.altervista.org/idv.txt
hxxp://ballermarketing.com/article_directory/backup/id.txt
hxxp://blog.3s.com.ua/im/safe1.txt
hxxp://bosanskinovi.info/components/com_zoom/lib/id
hxxp://cem.jrc.it/logo.jpg
hxxp://conexionw.com/…/.thumb/image.txt
hxxp://drk-lingen.org/…/rid
hxxp://fasttorrent.org//admin/x/copyright.txt
hxxp://fctribe.com/data/copyright.txt
hxxp://fwt.txdnl.com/6-40/a/l/alexsha/id.txt
hxxp://genomelife.com/ecology/copyright.txt
hxxp://geocities.com/bangsat97/cmd.txt
hxxp://geocities.com/nuklir2/test.txt
hxxp://godswordaudio.com/modules/id.txt
hxxp://gugakedu.co.kr/kboard/image/id.txt
hxxp://gumansin.com/id.txt
hxxp://h1.ripway.com/leo212/idpit.txt
hxxp://har.comoj.com/id.tcl
hxxp://heatingfilm.com//kboard/data/bajo-id.txt
hxxp://homert.100webspace.net/doc/flo1.txt
hxxp://hxxp://www.lightheartessences.co.uk/super-id.txt
hxxp://i0.co.kr/i0mall//admin/tukulid.txt
hxxp://indoirc.go.ro/idscan.txt
hxxp://industrialesubb.cl/id.txt
hxxp://kadin.or.id/tes/id1.txt
hxxp://kadin.or.id/tes/test.txt
hxxp://kaizo.hut2.ru/new/test.txt
hxxp://oursoultvxq.com/bbs/data/bbs/chi.txt
hxxp://psis-jeddah.com/js/fx29id.txt
hxxp://rubiii.freehostia.com/v6-i.txt
hxxp://swzx.jlu.edu.cn/test/media/wy.txt
hxxp://webpower.jp/data/readme.txt
hxxp://www.asthmant.org.au/.dat/copyright.txt
hxxp://www.asthmant.org.au/.dat/sprinter.xpp
hxxp://www.becabioinfo.org/bbrweb//contenido/cronjobs/idrfi.txt
hxxp://www.camelodromovirtual.com.br/vnc/albania.txt
hxxp://www.contactosteune.com/phpmailer/phpinfo/osid6.txt
hxxp://www.cosmickls.net/ids
hxxp://www.csjh.tpc.edu.tw/~sw/board/idfeelcomz.txt
hxxp://www.csjh.tpc.edu.tw/~sw/board/idm1.txt
hxxp://www.dtcc.edu.vn/images/kacebongid.txt
hxxp://www.efeyl.org/wiki/backups/sp.txt
hxxp://www.elquiche.com/elquiche/chat//inc/cmses/bajo-id.txt
hxxp://www.eyepro.net/assets/snippets/reflect/id1.txt
hxxp://www.geocities.com/andriawan_08/idrose.txt
hxxp://www.geocities.com/coracore98/id.txt
hxxp://www.geocities.com/killer_them/idv6.txt
hxxp://www.geocities.com/lisamira81/idpit.txt
hxxp://www.geocities.com/snk.haomaru/idx6.txt
hxxp://www.henneferkanuteam.de/apboard/info.txt
hxxp://www.hotelsunflower.it/images/smilies/rhs/list.txt
hxxp://www.jiaoshi.com.cn/status/osid6.txt
hxxp://www.kadin.or.id/tes/test.txt
hxxp://www.kampeermarkt.com/banner/idv6.txt
hxxp://www.karensscrappin.com.au/moodledata/1/recipefolio/id.txt
hxxp://www.kmt-s.ru/chid.txt
hxxp://www.kortech.cn/sub/ids
hxxp://www.lazar.ru/manager/processors/copyright.txt
hxxp://www.lazar.ru/manager/processors/min.txt
hxxp://www.lazar.ru/manager/processors/readme.txt
hxxp://www.lazar.ru/manager/processors/test.txt
hxxp://www.loft-im-hof.de//wp-content/myfotos/raeume/DSC00583.jpg
hxxp://www.madolddogs.de//flash/db/id2.txt%0D
hxxp://www.midwest-vintage.com/products/images/category/bot.txt
hxxp://www.musendi.com/gaestebuch/2006/02/23/idfeelcomz.txt
hxxp://www.pride-ug.ru/idrose.txt
hxxp://www.radioadventista.com//images/contenido/readme.txt
hxxp://www.samilglass.com/images/v6id.txt
hxxp://www.sassadeekorat.net/db/…/id2.txt
hxxp://www.sema-sa.ch/beast-test.txt
hxxp://www.sema-sa.ch/pit-id.txt
hxxp://www.shadowclubgermany.net/shadow/readme.txt
hxxp://www.shenlishi.com//skin/fxid1.txt
hxxp://www.shenlishi.com/skin/albania.txt
hxxp://www.skarstad.net/forum/id2.txt
hxxp://www.smellmyeggs.com/idv6.txt
hxxp://www.stormpages.com/birulangi/sr.txt
hxxp://www.svbbauvertrag.de/safe1.txt
hxxp://www.swepco.co.uk//assets/export/id3.txt
hxxp://www.telcel.cc/~test/id123132123141424142.txt
hxxp://www.terrytrippler.com/local.txt
hxxp://www.tos-belarus.org/data/idfeelcomz.txt
hxxp://www.tos-belarus.org/data/v7id.txt
hxxp://www.tos-belarus.org/scan/copyright.txt
hxxp://www.tvacres.com/forum/Themes/default/images/bbc/images/tukulid.txt
hxxp://www.ungalliance.dk/member/id.txt
hxxp://www.unju.edu.ar/agrometeorologia2008//components/com_joomla/bot.txt
hxxp://www.vif2.ru/abcxyz/barack/bns.txt
hxxp://www.vust.net/contrex/rfi.txt
hxxp://www.vust.net/contrex/scan.txt
hxxp://zxczxc.fileave.com/id.txt

Scanner’s IP addresses

113.30.66.5
122.203.17.131
123.214.171.51
124.0.210.117
124.105.248.66
124.139.67.70
125.247.142.3
134.173.238.144
140.130.101.5
143.106.167.231
147.230.81.165
189.2.218.179
189.54.249.148
193.146.193.6
193.25.112.69
194.67.32.29
195.14.58.221
195.186.64.215
195.5.75.203
200.13.253.154
201.51.255.39
201.52.32.115
201.81.178.179
202.164.17.65
202.95.230.101
203.143.124.44
203.162.139.20
203.250.148.36
206.130.11.80
207.154.23.93
207.162.219.29
207.182.137.218
208.64.230.40
209.151.235.182
209.172.41.135
209.25.221.108
209.59.140.98
209.62.125.194
209.85.100.3
210.183.36.251
211.172.232.90
211.202.2.220
212.241.182.240
212.34.140.136
213.133.224.6
213.136.106.214
216.14.80.68
216.153.214.235
216.180.251.146
216.246.15.117
216.40.204.130
217.115.154.55
219.254.35.166
222.239.227.185
222.239.227.49
24.39.162.98
61.62.88.233
62.149.228.44
62.205.161.114
62.81.206.30
63.247.138.209
63.247.65.114
64.151.255.1
64.22.110.198
65.18.169.40
65.254.32.66
66.147.239.184
66.232.142.27
66.34.133.35
66.90.118.27
66.98.248.88
67.19.34.242
67.205.76.175
67.76.163.60
69.36.10.228
69.50.211.121
69.73.185.100
69.73.188.17
70.47.58.4
72.232.203.242
72.29.90.83
72.55.148.109
74.200.242.34
74.208.145.116
74.208.16.116
74.55.128.226
75.125.132.98
75.125.182.74
75.145.152.113
77.221.130.12
77.221.130.15
77.221.130.2
77.221.130.8
79.99.216.6
80.122.203.139
80.83.90.50
81.122.81.86
81.169.182.232
81.176.226.164
81.176.67.220
81.208.9.229
82.218.6.10
84.243.214.11
85.119.154.60
85.236.53.4
85.25.124.175
85.25.152.167
85.9.22.160
87.230.21.133
88.198.16.81
89.111.176.122
89.111.180.85
89.186.1.54
89.218.85.18
91.193.20.48
91.52.190.184
93.174.121.15
93.186.176.253
93.88.16.73
94.23.20.159
98.121.103.161

Posted by nukeit at 6:07 pm Tagged with: , , , , ,
© 2010 nukeitdotorg Suffusion WordPress theme by Sayontan Sinha