New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Tools to detect scam activity on the server when knowing IP only?
Dear LET members, i wanted to ask You for ideas on how to discover if the server is used to do illegal activity like SPAM,phishing other fraud.
Assuming i only know IP address of the server.
The SPAM is quite clear to me how to discover, there is SPAMhaus and many checkers against IP SPAM blacklisting, example: http://www.blacklistalert.org/.
Next IP scam check tool is the lit of virus infected/equiped sites: http://support.clean-mx.de/clean-mx/viruses.php
Third one i know about is the list of spamvertised/defaced URLs: http://support.clean-mx.de/clean-mx/portals.php
All mentioned can be filtered based on given IP.
But pleas ekindly share your finding, URLs, Linux scripts for this job.
Thank you
Comments
(Disclaimer: All links I'm posting are tracked affiliate links, whenever the provider has an affiliate program. The following post may or may not contain such links)
You can get a list of (some) domains hosted on a IP from several services, including Bing. And check that list with some other services, like Google stopbadware.org
the ones you mentioned work well, spahaus is a list you can use to check domains and ip for blacklisting. If you see the domains they are hosting blacklisted ofter then they're probably spamming. You can also try and limit their email sending, if that's your main concern.