01
Sep
08

New Code in Production

I had a few hiccups at first.  The page size was 40 instead of 75, which made for a 32 page list.  I changed that and noticed that version of the page code was still set up for 30 second timeouts so I got some negative speed ratings.

In between I noticed I was doing the proxy count for every page, not just the first page (it takes a while for 1,000,000+ proxies), but by the third time it was back to normal.  Now it’s running swimmingly.

In this version, the live proxies found during the discovery cycle are moved into the gold database with a “Type” of “PENDING” as soon as they are found.  Between page runs, when “Type” is changed to “Transparent”, “Anonymous”, etc., you (well, I – not you) can run a query on the gold database to see what’s coming up for the next page run.

Very nice.

In the middle of hacking away at this code yesterday, both IS-1 and IS-2 went dark.  IS-2 and its companion, “Curious Site 1” (CS-1), went SERVFAIL dark.  That is, its host name was simply gone from DNS.

Gone.

IS-2 and CS-1 finally came back online in the evening, much to my relief.  IS-2 had moved to Frankfurt.  I’m not sure what happened with CS-1, but it came up as well.  That’s compelling evidence that they’re in cahoots.

IS-1 simply changed.  Previously, there was no default page in the root, but they allowed folder browsing (a stupid thing, but that’s how I found them in the first place).  My code was using that “feature” to get the timestamp on the proxy file.  Consequently, it didn’t run right.  I only noticed when I checked the page out in a browser (they’re into some shady “PayDay Loan” scam now).  But a new file was there in the same place and it had over 75,000 proxies in it.

If they ever change the file name, I’m screwed.

Now, if you’ve been following the Atrivo/EstHost shitstorm that has been going down in the last week, none of this is a real surprise.  I’m certain a lot of shady Web sites were motivated to get out of Dodge but it surprises me that IS-2 moved to Germany, where they have some pretty serious anti-hacking laws.  With that in mind, they may be moving again any day now.

There is no doubt in my mind that all three of these sites are up to no good.  However, I don’t work for an LEA (Law Enforcement Agency).  I’m only in it for the research.

Advertisements

0 Responses to “New Code in Production”



  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


Archives

Advertisements

%d bloggers like this: