[WikiEN-l] Reporting Grawp to Verizon
brewhaha%40edmc.net
brewhaha at edmc.net
Sun Jan 25 10:03:01 UTC 2009
You can safely assume that all ports, source and destination, are 80. Errors
on that should hav no consequence. The information about his source IP#s is
on his checkuser report. Destination IP#s are not. Verizon might be able to
get that from the datestamp on their own records. One list is almost
entirely in Verizon's space. So, you can do it like this, for one example:
>> - Source IP address: 207.172.128.101
>> - Source port(s): 80
>> - Destination IP address: Wikipedia.org (not known to me)
>> - Destination port(s): 80
>> - Date: 2008-10-16
>> - Specific time: 17:40:56
>> - Time zone (in which the log file time stamp is
>> recorded): UTC
>> - Brief synopsis: Replaced content with "if some kid needs this for a
>> report then.......................FUCK OFF!"
Retrieved from
http://en.wikipedia.org/w/index.php?title=Piracy&oldid=245781063
"Dahsun" <dahsun at yahoo.com> wrote in message
news:583575.28053.qm at web54107.mail.re2.yahoo.com...
>I reported Grawp to Verizon earlier this week and got the following
>response, I'm circulating it here so that others reporting vandals to ISPs
>can follow their format. But more importantly can anyone tell me how to
>work out Destination IP address & Destination port(s)?
>
> Jonathan (WereSpielChequers)
>
>
> --- On Tue, 20/1/09, abuse at verizon.net <abuse at verizon.net> wrote:
>
>> From: abuse at verizon.net <abuse at verizon.net>
>> Subject: Re: [AB-C24281409F] Threats by one of your customers to rape and
>> bugger a Wikipedia user
>> To: dahsun at yahoo.com
>> Date: Tuesday, 20 January, 2009, 8:43 PM
>> Thank you for writing.
>>
>> Your report contained no log file excerpt, or incomplete
>> information, and therefore cannot be investigated.
>>
>> In order to investigate your report, please submit a new
>> report with a log file excerpt providing the specific
>> details for the malicious traffic specific to a Verizon
>> Online customer only.
>>
>>
>> Log file excerpts must be in plain text format, and
>> include:
>>
>> - Source IP address
>> - Source port(s)
>> - Destination IP address
>> - Destination port(s)
>> - Date
>> - Specific time
>> - Time zone (in which the log file time stamp is
>> recorded)
>> - Brief synopsis
>>
>>
>> Additionally, please note that due to the number of reports
>> we receive, reports with log files containing extraneous
>> information not pertinent to the specific report cannot be
>> accepted.
>>
>> Verizon Internet Services Security can only take action in
>> response to traffic initiated by Verizon Internet customers.
>> Traffic from non-Verizon sources must be reported directly
>> to the appropriate owner of the IP space that is initiating
>> the traffic.
>>
>> The following web site may be helpful in determining the
>> owner of the originating IP space:
>>
>> http://www.arin.net/whois
>>
>> We hope this provides the necessary information in order to
>> re-submit your report with the data needed, so that an
>> investigation may be initiated.
>>
>>
>> Sincerely,
>>
>> Verizon Online Abuse
>> http://www2.verizon.net/policies
>> http://www.verizon.net/security
>> Abuse at verizon.net
>>
>>
>> ==== Original Message ====
>> 1. Threats by one of your customers to rape and bugger a
>> Wikipedia user
>> Added by system at Monday, Jan 19 2009 09:17 am
>> X-MailFrom: dahsun at yahoo.com
>> X-RcptTo: security at abuse.mailsrvcs.net
>> Received: from [172.18.169.123] by [172.18.45.30] (abacus)
>> for <security at abuse.mailsrvcs.net>; Mon Jan 19
>> 09:17:21 2009
>> Received: from web54109.mail.re2.yahoo.com
>> ([206.190.37.244])
>> by vms169123.mailsrvcs.net
>> (Sun Java System Messaging Server 6.2-6.01 (built Apr 3
>> 2006))
>> with SMTP id
>> <0KDQ009N854X2XE0 at vms169123.mailsrvcs.net> for
>> security at abuse.mailsrvcs.net (ORCPT security at verizon.net);
>> Mon,
>> 19 Jan 2009 09:17:21 -0600 (CST)
>> Received: (qmail 55849 invoked by uid 60001); Mon, 19 Jan
>> 2009 15:17:16 +0000
>> Received: from [82.44.83.239] by
>> web54109.mail.re2.yahoo.com via HTTP; Mon,
>> 19 Jan 2009 07:17:15 -0800 (PST)
>> Date: Mon, 19 Jan 2009 07:17:15 -0800 (PST)
>> From: Dahsun <dahsun at yahoo.com>
>> Subject: Threats by one of your customers to rape and
>> bugger a Wikipedia user
>> X-Originating-IP: [206.190.37.244]
>> To: security at verizon.net
>> Reply-to: dahsun at yahoo.com
>> Message-id:
>> <462123.55297.qm at web54109.mail.re2.yahoo.com>
>> MIME-version: 1.0
>> X-Mailer: YahooMailWebService/0.7.260.1
>> Content-type: text/plain; charset=utf-8
>> Content-transfer-encoding: quoted-printable
>> DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024;
>> d=yahoo.com;
>>
>> h=X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID;
>>
>>
>> b=UCdIgtiXRsWAhvhf8NKxKxQ9vYZAubqs6qyz0NrAB/pmKuh9smtFqntcNLZlMn3JogFojttb5+1kt4vSpTuY3PRM/U7tKsL9V9SAfZbeWRWmaDZPYCrZ+4Pr4u4vkUSesUqSsiIeEaDbqMsMXcpQeVmdt+XY7HoPRdENdijxXWI=;
>>
>> X-YMail-OSG:
>> QZ3aUWQVM1nhCP1GFxfRrYCzIxcq6z0yNEov_Km_Tf4Ld5FhTFk-
>>
>> MIME element (text/plain)
>> Dear Verizon,
>>
>> According to ARIN 71.167.96.32 is one of your IP addresses.
>> If so were you aware of this edit:
>>
>> http://en.wikipedia.org/w/index.php?title=User:Juliancolton&diff=prev&oldid=265081968
>>
>>
>> One of a series of vandalisms on Wikipedia by that IP, and
>> looking very similar to other vandalism on Wikipedia by
>> various Verizon IP addresses.
>>
>> I expect that as a socially responsible company you have
>> policies to deal with such incidents; however if you do
>> decide to continue supplying Internet services to that
>> particular customer would it be possible for you to assign
>> them a permanent IP address so we can indefinitely block
>> that particular address from editing Wikipedia?
>>
>> Yours Sincerely
>>
>> Dahsun
>
>
>
>
> _______________________________________________
> WikiEN-l mailing list
> WikiEN-l at lists.wikimedia.org
> To unsubscribe from this mailing list, visit:
> https://lists.wikimedia.org/mailman/listinfo/wikien-l
>
More information about the WikiEN-l
mailing list