You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2010-02-23 7:54 am
- Spud
- Member
- From: Kent, UK
- Registered: 2009-09-08
- Posts: 206
- Website
208.118.60.157 Robot upto no good.
Logged into my site admin today to see a sudden increase in an unknown robot (missing user agent string) going from virtually no hits to 6244+3 hits within 4 hours! Something stinks here so I dug deeper. My log files were full of 208.118.60.157 searching, view topics and FAQ, multiple login attempts, etc. I then did a Whois:
Alchemy Communications, Inc. ALCH (NET-208-118-48-0-1)
208.118.48.0 - 208.118.63.255
Cyberdefender ALCH-524 (NET-208-118-60-0-1)
208.118.60.0 - 208.118.60.255
Anyone have any info on this robot? Is it a malware searching bot or what? Would appreciate some advice here.
Here is the Log file http://issviews.com/208.118.60.157.txt
This range of IPs will be on a total block for the time being.
Last edited by Spud (2010-02-23 8:09 am)
Spam - Uninteresting garbage quickly deleted.
Spammer - A parasitic worm intent on creating internet misery.
Offline
#2 2010-02-23 8:16 am
- pedigree
- uıɐbɐ ʎɐqǝ ɯoɹɟ pɹɐoqʎǝʞ ɐ buıʎnq ɹǝʌǝu ɯ,ı
- From: Londonderry
- Registered: 2008-04-16
- Posts: 4,445
Re: 208.118.60.157 Robot upto no good.
I checked our logs here on this site and the only hit is this post and zbblock
Offline
#3 2010-02-23 8:38 am
- Spud
- Member
- From: Kent, UK
- Registered: 2009-09-08
- Posts: 206
- Website
Re: 208.118.60.157 Robot upto no good.
It seems to be quite an agressive robot 
Spam - Uninteresting garbage quickly deleted.
Spammer - A parasitic worm intent on creating internet misery.
Offline
#4 2010-02-23 9:00 am
- diabolic.bg
- Member
- From: Bulgaria, Eastern Europe
- Registered: 2008-11-03
- Posts: 540
- Website
Re: 208.118.60.157 Robot upto no good.
Give it to ZB Block for a lunch. 
If nothing else, this bot is overloading the server.
Last edited by diabolic.bg (2010-02-23 9:04 am)
Offline
#5 2010-02-23 9:07 am
- Spud
- Member
- From: Kent, UK
- Registered: 2009-09-08
- Posts: 206
- Website
Re: 208.118.60.157 Robot upto no good.
Will put it on Zaps forum for him to look into.
Spam - Uninteresting garbage quickly deleted.
Spammer - A parasitic worm intent on creating internet misery.
Offline
#6 2010-02-23 1:14 pm
- zaphod
- Jägermonster
- From: USA
- Registered: 2008-11-22
- Posts: 2,115
- Website
Re: 208.118.60.157 Robot upto no good.
Yep, and Alchemy Communications is now banned in the latest beta ZB Block signatures.
Go grab it here http://www.spambotsecurity.com/files/be … atures.zip
Includes as usual, a fresh bannedips.csv to lower load on here.
Zap 
Get Protected, Stay Protected...
With ZB Block, GNU/GPL Freeware Anti-Spam/Anti-Hack protection for your php based website.
Offline
#7 2010-02-23 2:18 pm
- Spud
- Member
- From: Kent, UK
- Registered: 2009-09-08
- Posts: 206
- Website
Re: 208.118.60.157 Robot upto no good.
Indeed, It hit me for 6000 account executions in 4 hours
Thanks Zap, already dlownloaded and installed the signature update 
Spam - Uninteresting garbage quickly deleted.
Spammer - A parasitic worm intent on creating internet misery.
Offline
#8 2010-02-23 9:16 pm
- MysteryFCM
- Member
- From: Tyneside, UK
- Registered: 2008-01-16
- Posts: 605
- Website
Re: 208.118.60.157 Robot upto no good.
Blogged and written many times concerning CyberDefender (a company I recommend everyone stay away from)
Regards
Steven Burn
Ur I.T. Mate Group / hpHosts
it-mate.co.uk / hosts-file.net
Offline
Pages: 1