lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 1 Sep 2011 22:39:41 +0300
From: nix@...roxylists.com
To: dink@...inkydink.com
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: China - the land of open proxies

>
> In July, hundreds of Chinese proxies on port 8909 started showing up
> every day on public proxy lists.  In August the daily numbers were in
> the thousands.
>
> Here is the list I collected during that period.  There are >135K
> proxies in this file (text, tab delimited, ~8 megs).
>
> http://www.mrhinkydink.com/utmods/135k.txt
>
> You may want to right-click and "save as".  This is offered as data you
> may be able to use for forensic purposes or router block lists.  Most of
> these proxies are currently offline.  When they are online, they're very
> good proxies.
>
> I believe this is similar to the PPLiveVA issue with TCP port 9415 that
> I noted back in April.
>
> http://mrhinkydink.blogspot.com/2011/04/insecure-defaults-in-ppliveav-client.html
>
> New port 9415 proxies stopped showing up on proxy lists when 8909 began
> to take over, which leads me to believe this is the hot new media client
> (either Youku or QQ) in Chinese-speaking countries.
>

Thanks for the list, I will post working proxies out of that list as soon
as NiX Proxy Checker has finished. It can beat 600k proxy in 24 hours so
this list has been checked in ~5.5 hours.

I believe those proxies are new botnet proxies, just like port the U.S
port 27977 ones were.

PS.

HTTP Proxy: 113.254.87.30:8909 RDNS: 113.254.87.30 |NiX| AnonyLevel: 1
Country: HONG KONG [HK] State/Region: - City: HONG KONG SSL CONNECT: No
Delay: 3.18 seconds

Nice post mrhinkydink ;)


> --Mr. Hinky Dink
>
> walk like a mannequin
> roll like a tyre
> act on reaction
> dodge the Big Spud Fryer
>
> http://mrhinkydink.blogspot.com
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ